Cisco has disrupted a significant international revenue stream generated by the notorious Angler Exploit Kit. Angler is one of the largest exploit kits found on the market and has been making news as it has been linked to several high-profile malvertising/ransomware campaigns. Cisco determined that an inordinate number of proxy servers used by Angler were located on servers of service provider Limestone Networks. The primary threat actor responsible for up to 50 percent of Angler activity, targeting up to 90,000 victims a day, and generating more than $30M annually.”]
Source: https://blog.talosintelligence.com/2015/10/threat-spotlight-cisco-talos-thwarts.html