August 25, 2014 | By Jérôme Segura
"The Bait
The drive-by
Those of you familiar with exploit kits will have recognized a landing page for the RIG EK. So as your browser loads the fake YouTube page another one is fetched in the background, triggering an exploitation and infection chain:
[img]https://blog.malwarebytes.org/wp-content/uploads/2014/08/fiddler.png[/img]
In this particular case you are hit with a Silverlight and Flash exploit before the final payload is dropped (VT link)."
Full Article