Tag Archives: Java Webstart

Crimepack: Packed with Hard Lessons

August 5, 2010

Exploit packs — slick, prepackaged bundles of commercial software that attackers can user to booby-trap hacked Web sites with malicious software — are popular in part because they turn hacking for profit into a point-and-click exercise that even the dullest can master. But one reason I’ve focused so much on these kits is that they also make it easy to visually communicate key Internet security concepts that often otherwise fall on deaf ears, such as the importance of keeping your software applications up-to-date with the latest security patches.

One of the best-selling exploit packs on the market today is called Crimepack, a kit that I have mentioned at least twice already in previous blog posts. In this post, we’ll take a closer look at the “exploit stats” section of a few working Crimepack installations to get a sense of which software vulnerabilities are most productive for Crimepack customers.