Senior threat intelligence man Yonathan Klijnsma says the website of the EC-Council, the organisation responsible for the Ethical Hacker certification, is serving the dangerous Angler exploit kit to infect PCs.
Klijnsma of Dutch firm Fox-IT says the website was serving the world's most highly-capable and dangerous exploit kit hours ago to users of Internet Explorer.
Checks by this writer appear to show it is still serving the exploit at the time of publication.
He says he informed the EC-Council and claims it "didn't seem to care".
Vulture South was unable to contact representatives of the council on multiple phone numbers by the time of publication.
Exploit kits are enjoying almost unrestrained compromise of millions of victims.
The most popular websites continue to serve compromised advertisements that deliver exploit kits.
Angler is served.
Victims who operate un-patched runtimes like Adobe Flash are notably vulnerable and may also be served with bundled ransomware that fleeces victims out of hundreds of dollars.
Un-patched Internet Explorer users are most at-risk and are often as in the EC-Council attack specifically targeted to the exclusion of Chrome and Firefox users. ®