MPack, NeoSploit and Zeus top most notorious Web attack toolkit list

Network World | Security, botnets, Symantec

About two-thirds of malicious Web activity can be traced back to botnets and exploit code built using popular attack toolkits sold in the underground economy, according to a new Symantec report.

The top three attack toolkits in terms of malicious Web activity are MPack (48%), NeoSploit (31%) and ZeuS (19%), the notorious software used in botnet form to steal financial data and execute fraudulent transactions, according to the report, which covers June 2009 through July 2010.

In analyzing the selling and software development tactics that could be deduced in this shadowy online world, Symantec notes the dog-eat-dog environment in the fight to oust rivals and gain criminally-minded customers willing to pay the price—from as low as $40 for some attack toolkits to as much as $8,000 and more for ZeuS—along with any specialized services for malware.

Symantec, like other IT security vendors, has no choice but to delve into the world of attack toolkits since so many security countermeasures, such as anti-virus signatures to protect unpatched computers, have to be designed based on what the crime world's software developers do. Kevin Haley, director of Symantec Security Response, says to his knowledge it's not illegal to develop attack toolkits, just to use them in some form to commit an actual crime.

"We believe the tremendous growth of malware we've seen in the last two years is driven by these toolkits," he says.

These attack toolkits make it fairly easy for anyone to get into rackets that include everything from running botnets for spam, financial crime and denial-of-service attacks to just the process of compromising PCs with malicious trojans through Web drive-by downloads, often from legitimate websites that have been compromised.

Known adult entertainment and video streaming websites, along with their misspelled-typo equivalents, are said to be the most likely types of searched-for sites that attackers load up with malware. Games, music, software/technology and file-sharing are far less likely spots, according to the report. "The bad guys know what people are searching for," says Haley.

VULNERABILITY TARGETS


Originally published on Network World.