Exploit

The term translates as “exploit, exploit” and refers to IT programs that detect security gaps. Cybercriminals usually use exploit programs that exploit the vulnerabilities they find. Therefore, exploits are considered malware programs.

What does the term exploit mean in detail?

• Exploit programs are also used by programmers to discover security vulnerabilities and then fix them.
• Cybercriminals distribute malicious exploit programs in two main ways:
  • Via banner ads: After clicking on the advertisement, the exploit program is downloaded unnoticed.
  • As files, mostly as email attachments

If a cybercriminal discovers a previously unknown security vulnerability, he can exploit it until it is known and closed by an update. However, as long as the update in question has not been installed, the vulnerability in question can be exploited.
Cybercriminals like to use so-called “exploit kits”. These include several different exploit programs that check a system for different security vulnerabilities.

Where do I encounter exploits in my everyday work?

Like many other malicious programs, you can encounter exploits on the Internet or in your email program.

• Advertising banners spreading exploits can also be placed on completely legitimate sites (see malvertising).
• Emails with attachments containing exploits may look legitimate at first and even second glance. For example, they appear to come from one of your customers or contain an application. Your attention and critical approach to advertising on the Internet and with emails can save your company from significant damage caused by exploits.

What can I do to protect myself from exploits?

Many measures to increase your company’s cybersecurity also protect against exploits. In particular:

• If possible, use an ad blocker to block banner ads.
• Never click on banner ads. If you see a very interesting advertisement, go to the corresponding page manually.
• Be extremely critical of e-mails. Check their authenticity at the slightest suspicion, if necessary in several stages. The damage you can avert with it justifies the effort.
• Always keep your operating system, all software and especially your virus scanners up to date, install updates as soon as possible.
• Use a firewall that blocks unwanted traffic.