Bobcares

For every $500 you spend, we will provide you with a $500 credit on your account*

BLACK FRIDAY SPECIAL

*The maximum is $4000 in credits, Offer valid till November 30th, 2024, New Customers Only, Credit will be applied after purchase and expires after six (6) months

For every $500 you spend, we will provide you with a $500 credit on your account*

BLACK FRIDAY SPECIAL

*The maximum is $4000 in credits, Offer valid till November 30th, 2024, New Customers Only, Credit will be applied after purchase and expires after six (6) months

Vulnerabilities in exploitation kits?

by | Jun 24, 2010

Many hackers prefer to design and use their own tools to search for and attack vulnerable sites, but a majority of them use various exploitation “kits“. Some of the most common ones are Zeus, Neosploit, Eleonore and Justexploit. The developers of these kits constantly include 0-day vulnerabilities in the latest versions of their malware. Since most of these kits are open-source, users can also modify the code to include vulnerabilities known to them. Exploitation kits have been available for many years, and millions of users have suffered. However a study by recently established security company TEHTRI-Security suggest that the malware “kits” themselves have vulnerabilities!

 

Laurent Oudot of TEHTRI-Security made a presentation titled “STRIKING BACK WEB ATTACKERS” at SySCAN last week. I did not attend, but would have loved to. Especially since he said things like “This talk proposes to think further and to re-balance the Internet war between the light side and the dark side. We will add a new way to behave when evil hackers are caught on a host.“. Oudot goes on to describe how security experts could take advantage of vulnerabilities in these exploitation kits, thus enabling security experts to collect information about the hackers, or even strike back to the computers from which the hack is originating. However this does not supersede the international and local laws applicable, but it does point us in a new direction on how to handle these attacks. Maybe it is time we started working less on our defense and more on our offence!

 


About the Author:

Hamish works as a Senior Software Engineer in Bobcares. He joined Bobcares in July 2004, and is an expert in Control panels and Operating systems used in the Web Hosting industry. He is highly passionate about Linux and is a great evangelist of open-source. When he is not on his xbox, he is an avid movie lover and critic.

0 Comments

Never again lose customers to poor
server speed! Let us help you.