Tuesday, 4 September 2007

Off the Shelf Malware with 1 Year Technical Support!

It’s common knowledge within the security industry that you can hire hackers, hire out the use of botnets and even buy zero day exploits, malicious scripts and viruses, but what surprised me recently, is that you can buy packaged Malware, which even comes with technical support. Recently one such package, MPack, a PHP malware kit put together by Russian hackers has been causing problems. MPack can be bought for £500 ($1000), and includes a year of technical support and options of purchasing extra exploitation modules. MPack exploits the latest vulnerabilities in M$ Windows web browsers; oh it is browser aware as well, so Opera and FireFox won’t save you. For the most part an infected MPack website scans your browser and OS for security flaws, and if it finds any it exploits them, as well as storing stats about your system for future reference. The fact the MPack product can be regularly updated by the hackers producing it, is its greatest danger, as it means it can stay ahead of Anti Virus products signature updates (i.e. undetected by Anti Virus) and use the latest discovered zero day exploits.

MPack has been around since December 2006 and has been used to infect completely legitimate websites, most notable in Europe, where Italy’s largest website hosting companies had been infected and MPack embed within legitimate websites, which attacked any computer visiting the infected website. It is believed hundreds and thousands of users were affected by the Italian attack alone.

If you want to stay protected, I suggest keeping your OS Patches and AV signatures up-to-date. Although legitimate websites have been hit by this, I wager the MPack product will be and is being used on “no so legitimate” websites.


Anonymous said...

All good companies ought to have strict policies in place regarding
harassment, whether it is of a sexual or racial nature.

While the legal expense to set up such a policy is hefty up front, you will surely save yourself a large headache later.

Harassment is simply unacceptable in the workplace.

Here is my weblog ... nursing jobs in san antonio tx

Anonymous said...

Greetings! I've been reading your site for some time now and finally
got the courage to go ahead and give you a shout out from Humble Texas!
Just wanted to mention keep up the excellent job!

Here is my site ... ipage Recommendations

Anonymous said...

I'm amazed, I have to admit. Seldom do I encounter a blog
that's both equally educative and engaging, and without a doubt, you've hit the nail on the head.
The issue is something not enough people are speaking intelligently about.
Now i'm very happy I stumbled across this during my search for something relating to this.

My web blog vexxhost reviews

Anonymous said...

Do you mind if I quote a couple of your posts as long as I provide credit and sources back to your site?
My blog is in the exact same niche as yours and my users
would definitely benefit from some of the information you provide here.
Please let me know if this ok with you. Many thanks!

Also visit my webpage webpage

Anonymous said...

I don't even know the way I ended up here, but
I believed this publish was once good. I don't recognise who
you're however certainly you're going to a famous blogger if you aren't already.


Here is my blog post :: N/A (http://makale.anilbirgul.com/)