New hacking tools on tap from Anonymous at this week's Black Hat
New generation of the Low Orbit Ion Canon, a malware maker and an Auto-own Windows kit
Because there are always big product announcements just before a big tech trade show: here are some highlights of the products coming out in time for or being announced at the Black Hat conference in Las Vegas this week:
Anonymous, already up for a Pwnie Award at Black Hat for its hack of HBGary, is also up for as many silver bracelets as the FBI and British police can award it.
Now it's making even more contributions to the state of the hacking art, with a replacement for the DDOS-attack software Low Orbit Ion Cannon (LOIC), which it made available to "members" (as it calls them) to use in its various operations.
The method relies on resource exhaustion –launching so many processes that the server is eventually overwhelmed – rather than flat-out drowning it in a flood of page requests, as in a DDOS attack.
Attacks are launched from the client side, sending a script along with a normal request to the target server.
Getting the server to accept the request and embedded script is a trick, but once it has done so, it continues to render new editions of it until the server crashes, according to a story in TheTechHerald, which interviewed one of the Anon involved in the development.
Seventeen seconds of it spiked PasteBin.org, where many Anonymi post their digital loot, and brought the system down.
A different set of malicious tools dubbed AnonWare is a framework for malware development, rather than being malware itself.
The code, written in C#, automates some of the process of virus-writing to make things easier on beginners and more efficient for experienced virus writers, according to a TechHerald interview with the developer.
“Ultimately, I would love for it to become the de-facto standard for open source viruses…really hoping that people start sending in code improvements so that AnonWare can begin to reach this goal.”
Fat chance, according to a Sophos researcher also quoted in the story, who called it an unimpressive, amateurish ad-hoc C# compiler that doesn't do much of anything for anyone they couldn't do with a different compiler.
Also hitting the streets in time for Black Hat is an "auto-hacking" app called winAUTOPWN that bundles together more than 500 exploits for known security flaws in commercial software, executables to run some of the better exploits, a multi-threaded PortScanner and an exploit-loading framework. (Documentation – PDF).
It's designed to crack a target with as little intervention (or chance of leaving tracks and getting caught) as possible on the part of the hacker.
I'm sure they'll be on display at the booths on the show floor, probably with plenty of schwag to hand out to passers by.