The sudden change in distribution was spotted on Monday by researchers at the SANS Internet Storm Center. The Angler Exploit Kit typically seeks to attack computers by exploiting Java and Flash Player vulnerabilities as well as the Microsoft Silverlight plugin. The move comes as security experts report a resurgence of the CryptXXX ransomware that was recently revamped with new encryption algorithm and a new StillerX credential-stealing module that gives attackers additional capabilities to monetize an attack. SANS said groups behind Angler have dropped CryptXXX like a rock, for now.
Source: https://threatpost.com/cryptxxx-ransomware-jumps-from-angler-to-neutrino-exploit-kit/118570/