A posting from Naked Security on Glazunov exploit kit:
The one I have chosen has been quite active of late, and has a few interesting characteristics I wanted to highlight. As it happens, I do not actually know its “official” name (as in the name assigned by the author), but it was originallychristened Glazunov by another researcher tracking it back in 2012 and the name seems to have stuck!
As I am sure most readers are aware, it is typical for exploit kits to rely upon injections of iframes into legitimate web sites in order to drive user traffic to the exploit kit. This is very much the classic drive-by download scenario. For those wanting a bit more background on this type of attack, take a look at this video, which clearly explains how the process works.
To read more click here: