The Angler exploit kit went on vacation during the first two weeks of the year, but the Russia-hosted RIG exploit kit was there to ensure that there would be no respite for users from malvertising and malicious drive-by downloads, according to a new report.
Researchers at Cisco’s Talos Security Intelligence and Research Group traced RIG to a single hosting provider out of Russia, Eurobyte, which proved to be uncooperative when it came to taking it down.
“Eurobyte is a downstream provider from Webzilla,” said threat researcher Nick Biasini. “Webzilla was very responsive and worked to make sure the hosts were taken down. Eurobyte was not really responsive to us, despite several attempts to contact them.”