MalwareIntelligence is a site dedicated to research on all matters relating to anti-malware security, criminology computing and information security in general, always from a perspective closely related to the field of intelligence.


Defacement by "Exploit Pack's"

Defacing attacks, generally attributed to the activities of hacktivism and often called "script kiddies" (although now I think what best describes this kind of bad guys is: aspirant to criminals), passed the criminal background as a sort of whim or complaint against some exploit's pack who have certain vulnerabilities and has already begun to see some examples. However, this does not cut the criminal activities of this botmaster.

The image below shows it’s a "Blind Defacements" against Eleonore Exploit Pack, which means that it can only be viewed using the following botmaster circumvent the authentication process:

In the following case (found by Francisco Ruiz of MalwareIntelligence team), the defacing was made against a SpyEye.

Otros crimeware que podrían ser propensos a esto son:
Among the research community could say that look for vulnerabilities in the crimeware is a common activity and even as a hobby if I may say, aimed at any point of view is to make a defacing. With no doubt, the competition between "fans" of certain crimeware, "patriots" seeking annoy criminal activities by country of origin and other computer thieves who steal "clients" to other thieves computer is becoming extra activities within the ecosystem crime.

Related information
YES Exploit System and Crimeware-as-a-Service
State of the art in Eleonore Exploit Pack IISpyEye Bot (Part two). Conversations with the creator of crimeware
Liberty Exploit System. Otra alternativa crimeware para el control de botnets
ZoPAck. Nueva alternativa para la explotación de vulnerabilidades

0 comentarios:

Post a Comment