MalwareIntelligence is a site dedicated to research on all matters relating to anti-malware security, criminology computing and information security in general, always from a perspective closely related to the field of intelligence.


Eleonore Exploits Pack. New Crimeware In-the-Wild

The business represents the crimeware into the underground world of web applications marketing plays an important role in the business plan of the Russian developers spend much time in creating this style threats.

There are several similar packages that we discussed during the short existence of this blog and every day there are more that come with the intention of enhancing the economy of the authors. In this case, is in "freedom" a new version of Eleonore Exp (shorthand Eleonore Exploits Pack) that the complainant has submitted under the caption "Hello! I now present new exploits russian pack v1.2 Eleonore Exp".

This new package is designed in the first instance, for exploiting the following vulnerabilities:

Telnet - Opera
Font tags - FireFox
PDF collab.getIcon
PDF Util.Printf
PDF collab.collectEmailInfo
DirectShow DirectX

The installation process is very simple and is done through the install.php file, the settings specified in config.php and malware by default is called load.exe (in case of changing the name, modification must be reflected in the configuration file).

In the next screen capture shows the statistics from which they sprang interesting facts related to the total targeted operating systems, browsers through which exploited a vulnerability with their respective versions, many countries discriminated against zombies and exploits used .

As for prices, this crimeware is marketed at a cost of USD 700 and this value corresponds only to the kit without extra components as a crypter (whose aggregate value is USD 50). By default, is linked to a domain, ie, bought and used directly without further proceedings.

However, if the buyer prefers to untie the package of any of the domains with which it's sold, you can do but pay the sum of USD 1500 for the complete kit. On the other hand, it also offers a combo in which buyers purchase the first three plus Eleonore Exp v1.2 crypter worth USD 600.

For previous versions, the costs are:

Eleonore Exp v1.0 = USD 300 (originally cost USD 599): it has DirectX DirectShow and Spreadsheet
Eleonore Exp v1.1 = USD 500: Spreadsheet hasn't

As usual, the holding botmasters previous versions can update new exploits and malware upload functionality through the admin panel locally (from your computer) or remotely (from a zombie).

Obviously, the fraudulent services in the acronym CaaS framed, Crimeware as a Service, increasing exponentially as time goes underground world to develop and commercialize various actors involved sonde being the creator of crimeware and botmaster (who generally buy or an initial rent web applications), the most important players. 

Related information this Blog
TRiAD Botnet II. Administración remota de zombis multiplataforma
TRiAD Botnet. Administración remota de zombis en Linux
Especial!! ZeuS Botnet for Dummies
Botnet. Securización en la nueva versión de ZeuS
Los precios del Crimeware ruso
Comercio Ruso de versiones privadas de crimeware ¡Aproveche la oferta!
ElFiesta. Reclutamiento zombi a través de múltiples amenazas
Mirando de cerca la estructura de Unique Sploits Pack
Adrenalin botnet: zona de comando. El crimeware ruso marca la tendencia
YES Exploit System. Otro crimeware made in Rusia
Creación Online de malware polimórfico basado en PoisonIvy

Jorge Mieres

0 comentarios:

Post a Comment