Exploit Kit Landscape Map

11 October 2017

The image below is my most recent Exploit Kit Landscape Map (click to enlarge).

This map is an attempt to give an approximation of which Exploit Kits are currently active, how computers are being directed to them and what they’re dropping. I’m trying to be as accurate as possible but, at the same time, the volume of information and its multi-dimensional nature makes it pretty tricky at times. Note that I’m not tracking many Malspam specific campaigns at this point although some information from these campaigns may find its way into the “Other Methods” section of the chart.

Nodes that are green represent information from the past month.

To create the map, I’m mostly just compiling information from several blogs and tweets by the blog authors including the following:

Brad Duncan’s Blog
Jerome Segura
MalwareBreakdown
BroadAnalysis
ZeroPhage
Kafeine
nao_sec
Vitali Kremez

Hopefully, this map will be helpful to someone.

I used VYM (View Your Mind) software to create the map.