Vulnerabilities in exploitation kits?
Many hackers prefer to design and use their own tools to search for and attack vulnerable sites, but a majority of them use various exploitation “kits“. Some of the most common ones are
Zeus, Neosploit, Eleonore and Justexploit. The developers of these kits constantly include 0-day vulnerabilities in the latest versions of their malware. Since most of these kits are open-source, users can also modify the code to include vulnerabilities known to them. Exploitation kits have been available for many years, and millions of users have suffered. However a study by recently established security company TEHTRI-Security suggest that the malware “kits” themselves have vulnerabilities!
Laurent Oudot of TEHTRI-Security made a presentation titled “STRIKING BACK WEB ATTACKERS” at SySCAN last week. I did not attend, but would have loved to. Especially since he said things like “This talk proposes to think further and to re-balance the Internet war between the light side and the dark side. We will add a new way to behave when evil hackers are caught on a host.“. Oudot goes on to describe how security experts could take advantage of vulnerabilities in these exploitation kits, thus enabling security experts to collect information about the hackers, or even strike back to the computers from which the hack is originating. However this does not supersede the international and local laws applicable, but it does point us in a new direction on how to handle these attacks. Maybe it is time we started working less on our defense and more on our offence!
About the Author:
Hamish works as a Senior Software Engineer in Bobcares. He joined Bobcares in July 2004, and is an expert in Control panels and Operating systems used in the Web Hosting industry. He is highly passionate about Linux and is a great evangelist of open-source. When he is not on his xbox, he is an avid movie lover and critic.