New exploit kit concentrates on Java flaws
Posted on 05 March 2013.
Bookmark and Share
Webroot's Dancho Danchev is known for combing through the wilds of the Internet for places where cyber criminals congregate and reporting back with interesting news about tools and services offered for sale.


Among those is a brand new exploit kit that, for now, concentrates only on exploiting Java flaws. The vulnerabilities in questions are CVE-2012-1723 and CVE-2013-0431, but more exploits are to be added soon, say its creators.

Cyber crooks can rent the kit for 24 hours, a week or a month, paying respectively $40, $150 and $450 for the service. But, is it worth it?

The infection rate for a campaign using this kit is 9.5 percent, which is considerably lower than that promised by sellers of more popular - and versatile - exploit kits.

In terms of innovation, there's not much to note.

"For the time being, customers can choose whether they want to manually rotate the client-side exploits serving domains/IPs, or whether they’d want the cybercriminals selling the kit to do it for them as a managed service. Customers of the exploit kit will also receive notifications one their domains start getting detected by security vendors, through the Domain Check service," says Danchev.

"Naturally, the cybercriminals behind the exploit kit are outsourcing the entire process instead of building the capability in-house. Also, for the time being, the exploit kit can only be rented on bullet proof servers operated by the cybercriminals pitching it, but if customers want to use it on their own servers, they would have to personally request this from the vendor."

He doubts that the kit's developers will have much success, especially because Java vulnerabilities have lately been big news and users - both home and enterprise ones - have been repeatedly advised to disable Java for the time being.









Spotlight

Identifying security innovation strategies

Posted on 14 April 2014.  |  Tom Quillin is the Director of Cyber Security Technology and Initiatives at Intel Corporation. In this interview he talks about security innovation, current and future threats.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Apr 16th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //