Threat researchers at Cisco have disrupted hackers that were using the notorious Angler exploit kit, taking down a campaign that generated more than $30m in revenue annually.
Cisco's Talos Security Intelligence and Research Group found that the Angler kit was used to attack up to 90,000 machines a day and was largely using the networks of service provider Limestone Networks, a data centre in Texas.
The Angler kit is often linked with large-scale malvertising and ransomware campaigns, and is known to target vulnerabilities in software such as Java and Flash to infect computers with malware.
Cisco revealed in an extensive research study that over the course of the Angler lifecycle, which is a single day, over 3,600 users were successfully compromised.
Some 62 percent of Angler infections delivered ransomware with an average demand of $300, according to the report.
The hacking campaign was constructed in a proxy configuration, using a single exploit server to deliver the malware through multiple proxy servers.
Following the discovery, which was conducted in collaboration with Level 3 Threat Research Labs, Cisco has stopped the Angler attack and has released the full technical details of its findings online.
Cisco estimated that the total annual revenue generated from the Angler kit was up to $60m
Nick Biasini, threat researcher at Cisco, explained that the curbing of Angler is a "significant blow to the emerging hacker economy".
"The black market sale of stolen IP, credit card info and personally identifiable information is generating hundreds of millions of dollars annually," he wrote in the report.
"It seems like every week the Angler exploit kit is in the news, whether it's domain shadowing, zero-day integration or large-scale malvertising campaigns, it consistently dominates the threat landscape.
"Every single year we see small innovations that lead towards the occasional major advance. Today we're seeing the results of years of major advances being combined with a drive-by download vector to form one of the most effective and profitable attacks facing the internet."
The report comes after news that dating website Match.com was forced to suspend advertising on its UK website following an Angler-based malware attack.
Furthermore, cyber criminals recently targeted Yahoo's ad networks in an orchestrated Angler malware campaign that put millions of internet users at risk.
Dominance of Apple and Samsung in smartphones being chipped away by Huawei, Oppo and other cheaper rivals
OLED smartphone display can be stretched, bent, rolled and even dented - but won't break
Upgrading from a conventional hard-disk drive to an SSD? This may be just what you're looking for
SME retailers are losing money by ignoring new payment systems like contactless and one-click