Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Subscribe
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Subscribe
    Home Cybersecurity
    • Cybersecurity
    • Development
    • IT Management

    How Attack Toolkits Impact the Cyber-Underground

    Written by

    Brian Prince
    Published January 18, 2011
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      A new report (PDF) from Symantec highlights just how much the spread of attack toolkits has lowered the barrier to entry for cyber-criminals.

      The kits have become fixtures on the digital shelves of the Internet’s black market, and are now used in the majority of Web attacks. According to the report, the most prevalent toolkits detected on malicious Websites between July 1, 2009, and June 30, 2010, were MPack (48 percent), NeoSploit (31 percent) and Zeus (19 percent).

      “It helps to draw a parallel between attack toolkits and HTML editing programs,” Marc Fossi, executive editor of the report and manager of research and development for Symantec Security Response, told eWEEK. “In the beginning, to design an HTML Web page you had to hand code the HTML in a basic text editor. Then WYSIWYG editors came along that allowed you to drag and drop elements but you still needed to know some HTML to tweak the code. Now, however, there are very powerful HTML editing suites that require very little knowledge of HTML to create complex multimedia Websites.

      “In a similar way, attack toolkits relieve the user from requiring the deep technical knowledge to write an attack, meaning a novice attacker can mount a sophisticated attack campaign using an attack kit without needing to know how to uncover vulnerabilities or how to exploit them,” he said. “Attack kits reduce or remove this necessity by including prewritten exploits and malicious code along with the means for distributing these attacks, all via a friendly user interface.”

      The earliest kits go back to the 1990s, according to Symantec. These kits were rudimentary, lacking features such as Web interfaces that would appear in later kits. One of the most advanced of these early kits was VMPCK, which first appeared in 1998. VMPCK was followed soon after by CPCK, which was notable for having a polymorphic engine to evade detection, something considered advanced at the time, according to the report.

      Later kits continued to gain in complexity. In 2006, WebAttacker appeared with exploit code for seven previously known vulnerabilities.

      “As with later attack toolkits, these vulnerabilities were client-side in nature and targeted users of Internet Explorer and Mozilla Firefox on Microsoft Windows operating systems,” according to the report. “WebAttacker included many features that became standard in later attack toolkits, such as detecting a victim’s browser and operating system, and tracking the success rate of attacks.”

      WebAttacker was first seen being advertised in underground forums for $15, a low price point that the report speculates was due to it being the first of its kind. MPack, which was released in 2006 as well, was initially seen selling for $1,000, though the price was eventually lowered significantly.

      Today, toolkits can range in price between a few hundred and several thousands of dollars. Though the kits are often updated with new exploits, old exploits are still prevalent.

      “Many of the kits keep stats on how many times an attack was launched at a target and how often the targets were successfully exploited,” Fossi explained. “The new exploits can be installed along with the existing exploits in the kit to provide a wider range of attacks launched. In fact, many kits tend to launch attacks targeting older vulnerabilities before the newer ones. This way if a target is compromised using an older exploit they don’t even attempt to exploit one of the newer ones. This helps to keep the newer exploits fresh and below the radar.”

      Brian Prince
      Brian Prince

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.