MalwareIntelligence is a site dedicated to research on all matters relating to anti-malware security, criminology computing and information security in general, always from a perspective closely related to the field of intelligence.

28.3.10

iPack and GOLOD. New crimeware on the criminal scene

The supply of and demand for crimeware alternatives continues to grow, and in recent months some new ones have emerged, including iPack and GOLOD.

GOLOD is a resident loader written in C++ and of Russian origin that is trying to break into the criminal scene at a cost of USD 500 for its deployment on the buyer's domain, plus USD 675 if it is acquired with a domain, and USD 60 more if it includes cleaning of the crimeware.

Upgrades are free and the developer offers 24x7 support. It went on sale during the first days of March 2010.

It works on virtually all Microsoft operating systems and, like all crimeware of this kind, allows botnets to be managed through a web-based C&C.

While this type of crimeware does not say much and ends up being an also-ran, it is interesting to see how criminals try to wash their hands of responsibility for the applications they develop.

That is, depending on the laws of each country, it can be somewhat ambiguous whether developing applications designed simply to spread malware, and also promoting them, is legal or illegal.

The author then left a sentence that reflects the above:

“Программа представлена для ознакомительных и исследовательских целей. Ответственность использования ее в незаконных целях лежит на плечах того, кто ее использует.”

Something like:

“The program is developed for educational and research purposes. The liability for illegal use of it falls on the shoulders of whoever uses it for these purposes.”

As for iPack, it is an exploit pack that is also emerging, priced at USD 500 per package, with the option of encryption and domain changes for USD 100 more.

Despite having a name and a design directly related to Mac OS products, it is far from being crimeware oriented to those platforms.

The exploits that the package contains by default are all for Windows platforms:

MDAC (CVE-2006-0003) – (MS06-014)
PDF collab.getIcon (CVE-2009-0927)
PDF Util.Printf (CVE-2008-2992)
PDF collab.collectEmailInfo (CVE-2008-0655)
PDF Doc.media.newPlayer (CVE-2009-4324)

In short, these are new options on the scene of the fraudulent business that crimeware represents.

Related information
myLoader. Framework for the management of botnets
SpyEye. New bot on the market
State of the art in Eleonore Exploit Pack
Siberia Exploit Pack. Another package of exploits In-the-Wild
RussKill. Application to perform denial of service attacks
DDoS Botnet. New special-purpose crimeware
JustExploit. New Exploit kit that uses vulnerabili...
Fragus. New botnet framework In-the-Wild
ZeuS Botnet and its zombie recruitment power
Liberty Exploit System. Alternatively crimeware to...

Jorge Mieres
