The crime packs that criminals use to build malware campaigns that compromise and control victims’ computers rarely contain original attacks; instead, they reuse techniques found in publicly released exploit code.
An analysis of 18 exploits used by the top-20 crime packs found that the crucial code used in each attack could be traced back to information released by a security researcher, a blog post published by a security firm describing the exploit, or a sophisticated attack created for an espionage campaign. The analysis, presented by Trail of Bits’ CEO Dan Guido at last month’s BruCon security conference, highlights the dangers that exploit code can pose in a software ecosystem that is slow to patch known vulnerabilities.
“There are pros and cons: The APT groups get by fine totally on their own, they create their own exploits totally in house, and there is value from a defensive point of view to understanding how these exploits work and what their limitations are,” says Guido. “On the other hand, when you see all these security researchers beating up on Java, you know that code is going to slot right into a space waiting for it.”
SOURCE: darkreading.com