Cisco Blogs

Threat Spotlight: Exploit Kit Goes International Hits 150+ Countries

April 20, 2016 - 1 Comment
city_view_nuclear_final copy

Nuclear Activity Across 10,000+ Cities in 150+ Countries

This post authored by Nick Biasini

Talos is constantly monitoring the threat landscape and exploit kits are a constantly evolving component of it. An ongoing goal of Talos is to expose and disrupt these kits to protect the average internet user being targeted and compromised. We were able to gain unprecedented insight into Angler exploit kit and reveal details of the activity that were previously unknown. Now we have focused our attention on the Nuclear exploit kit with similar results.

Nuclear Exploit Kit has been steadily compromising users for years and has been effective in evolving as well as adding new exploits to their arsenal. However, it has been operating largely off the radar compared to some of the more prolific kits that are active today. This lack of deep visibility was one of the driving forces behind the deep investigation into its activity. What we found was a sophisticated threat that has been successfully targeting and compromising users in more than 10,000 different cities in more than 150 countries.



In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.


  1. Nuclear Proliferation. Knowing is always half-the-battle. Thanks for publishing vulnerabilities in eye-catching formats! Top-notch security teams should be more visible to the public and IT professionals. Security thus becomes less of an after-thought and more integrated into architectures, roadmaps and business.