Tag Archives: exploit pack

New Java Attack Rolled into Exploit Packs

March 27, 2012

If your computer is running Java and you have not updated to the latest version, you may be asking for trouble: A powerful exploit that takes advantage of a newly-disclosed security hole in Java has been rolled into automated exploit kits and is rapidly increasing the success rates of these tools in attacking vulnerable Internet users.

Crimevertising: Selling Into the Malware Channel

February 8, 2012

Anyone who’s run a Web site is probably familiar with the term “malvertising,” which occurs when crooks hide exploits and malware inside of legitimate-looking ads that are submitted to major online advertising networks. But there’s a relatively new form of malware-based advertising that’s gaining ground — I’m calling it “crimevertising” for lack of a better term — that involves running otherwise harmless ads for illicit services inside of commercial crimeware kits.

At its most basic, crimevertising has been around for many years, in the form of banner ads on underground forums that hawk everything from hacking services to banking Trojans and crooked cashout services. More recently, malware authors have started offering the ability to place paid ads in the administrative panesl that customers use to control their botnets. Such placements allow miscreants an unprecedented opportunity to keep their brand name in front of the eyeballs of their target audience, and for hours on end.

Exploit Packs Run on Java Juice

January 10, 2011

In October, I showed why Java vulnerabilities continue to be the top moneymaker for purveyors of “exploit kits,” commercial crimeware designed to be stitched into hacked or malicious sites and exploit a variety of Web-browser vulnerabilities. Today, I’ll highlight a few more recent examples of this with brand new exploit kits on the market, and explain why even fully-patched Java installations are fast becoming major enablers of browser-based malware attacks.

Crimepack: Packed with Hard Lessons

August 5, 2010

Exploit packs — slick, prepackaged bundles of commercial software that attackers can user to booby-trap hacked Web sites with malicious software — are popular in part because they turn hacking for profit into a point-and-click exercise that even the dullest can master. But one reason I’ve focused so much on these kits is that they also make it easy to visually communicate key Internet security concepts that often otherwise fall on deaf ears, such as the importance of keeping your software applications up-to-date with the latest security patches.

One of the best-selling exploit packs on the market today is called Crimepack, a kit that I have mentioned at least twice already in previous blog posts. In this post, we’ll take a closer look at the “exploit stats” section of a few working Crimepack installations to get a sense of which software vulnerabilities are most productive for Crimepack customers.

iPack Exploit Kit Bites Windows Users

April 16, 2010

Not long ago, there were only a handful of serious so-called “exploit packs,” crimeware packages that make it easy for hackers to booby-trap Web sites with code that installs malicious software. These days, however, it seems like we’re hearing about a new custom exploit kit every week. Part of the reason for this may be that more enterprising hackers are seeing the moneymaking potential of these offerings, which range from a few hundred dollars per kit to upwards of $10,000 per installation — depending on the features and plugins requested.

A Peek Inside the ‘Eleonore’ Browser Exploit Kit

January 25, 2010

If you happen to stumble upon a Web site that freaks out your anti-virus program, chances are good that the page you’ve visited is part of a malicious or hacked site that has been outfitted with what’s known as an… Read More »