MalwareIntelligence is a site dedicated to research on all matters relating to anti-malware security, computer criminology and information security in general, always from a perspective closely related to the field of intelligence.

14.8.09

Liberty Exploit System. An alternative crimeware for controlling botnets

The black market controlled by cyber-criminals continues to create 'competitive' products in a business where the low cost of crimeware marks and justifies its widespread use. In this sense, botnets benefit from the development of web applications designed to make their administration easy and intuitive; these applications also constantly feed the criminal process to which they belong.

Another alternative that joins this clandestine business is Liberty Exploit System, whose author recently made a new version, 1.0.5, available to cyber-criminals, and who states that it has an excellent "price/quality" ratio.

Its price is USD 500. For USD 20 more, the buyer gets the "advantage" of access to a vault, and a further USD 50 is charged for a domain change when the user has been blocked, which shows the type of services that crimeware offers in general. Moreover, payment is accepted only via WebMoney.

Unlike its predecessor, version 1.0.4, the default build doesn't include exploits for vulnerabilities in Sun Java JRE/JDK, but they can be requested. In addition, an exploit for MS DirectShow has been added. The package consists of the following preinstalled exploits:

MS06-014 Internet Explorer (MDAC) Remote Code Execution Exploit
PDF util.printf()
PDF collab.collectEmailInfo()
PDF collab.getIcon()
Flash 9
MS DirectShow
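
For triage of suspicious PDFs, the three Acrobat JavaScript calls named in the list above can be searched for directly. The following is an added example, not part of the original post or of the kit: the function names (`pdf_layers`, `flag_pdf`, `build_sample`) are hypothetical, the sample bytes are constructed, and it assumes streams are either plain or Flate-compressed.

```python
import re
import zlib

# Acrobat JavaScript calls named in the exploit list above.
SUSPECT_CALLS = ("util.printf", "collab.collectEmailInfo", "collab.getIcon")
STREAM_RE = re.compile(rb"stream\r?\n(.*?)\r?\nendstream", re.DOTALL)


def pdf_layers(data):
    """Yield the raw file bytes, then each stream body that inflates with zlib."""
    yield data
    for match in STREAM_RE.finditer(data):
        try:
            # decompressobj tolerates a trimmed trailing byte or trailing junk.
            yield zlib.decompressobj().decompress(match.group(1))
        except zlib.error:
            continue  # not a Flate stream; its raw bytes were already scanned


def flag_pdf(data):
    """Return the sorted names of suspect calls found in any layer."""
    hits = set()
    for layer in pdf_layers(data):
        lowered = layer.lower()
        for call in SUSPECT_CALLS:
            pattern = re.escape(call.lower().encode()) + rb"\s*\("
            if re.search(pattern, lowered):
                hits.add(call)
    return sorted(hits)


def build_sample(script):
    """Constructed test input: a minimal PDF-like file with one Flate stream."""
    body = zlib.compress(script)
    return (b"%PDF-1.4\n1 0 obj\n<< /Filter /FlateDecode /Length "
            + str(len(body)).encode() + b" >>\nstream\n" + body
            + b"\nendstream\nendobj\n%%EOF\n")


if __name__ == "__main__":
    # Constructed samples: harmless placeholder arguments, no exploit content.
    print(flag_pdf(build_sample(b"Collab.getIcon(name); util.printf (fmt, n);")))
    print(flag_pdf(build_sample(b"app.alert('hello');")))
```

A plain name match misses scripts that assemble these names at runtime and streams using other filters, so a hit is a triage signal rather than a verdict.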

Some features of the (malicious) web application are worth highlighting: it blocks re-access to the page, that is, the page that hosts the exploit can be accessed only once, and after that it crashes; the database is managed with MySQL; it has enhancements for operating with large flows of information; its setup is very simple; and it includes anti-analysis techniques, among others.

With regard to the administration panel (incidentally simple and minimalist), it provides detailed statistical tracking of the browser type and version, the exploits, the countries where the zombies are located and the kind of traffic, among others. Also, one thing that differentiates this crimeware, since not all of them have it, is a graphical statistics system in which pie charts are generated with important information on the above aspects. The screenshot shows an example.

This statistical system and collection of information is what draws attention, in general, in all crimeware of this style, because regardless of the perspective from which we look at it, it comes down to obtaining processed information, which in other settings is known as intelligence.

This leads us to understand, and to begin giving due consideration to the fact, that botnets, as we know them today, represent a serious security problem globally, not only because of the spread of malware but also because they are used to carry out other attack maneuvers whose goals go beyond home users.

Related information on this blog
Russian crimeware prices. Part 2
TRiAD Botnet III. Cross-platform remote administration of zombies
Eleonore Exploits Pack. New crimeware in the wild
A close look at the structure of Unique Sploits Pack
Adrenaline botnet: command zone. Russian crimeware...
YES Exploit System. Another crimeware made in Russia

Jorge Mieres
