Toolkits now used in the majority of cyberattacks

By

Kits allow criminals without hacking skills to engage in cybercrime.

Cybercrime attack "toolkits" have over the past few years become more accessible and are now used in the majority of internet attacks, according to a new report from Symantec.


Also called “crimeware", attack toolkits are bundles of malware used to facilitate the launch of attacks against networked computers, according to the report. These kits generally include malicious code for exploiting vulnerabilities in multiple applications and technologies, as well as tools to customise, deploy and launch widespread attacks.

Between July 2009 and June 2010, 61 percent of the web-based threat activity detected by Symantec was attributable to such kits, the report states.

“Attack kits are significantly advancing the evolution of cybercrime into a self-sustaining, profitable and increasingly organised economic model worth millions of dollars,” the report states.

The kits are also enabling those without technical hacking sophistication to engage in cybercrime, according to Symantec.

“In the past, hackers had to create their own threats from scratch,” Stephen Trilling, senior vice president of Symantec Security Technology and Response, said in a statement. “Today's attack toolkits make it relatively easy for even a malicious novice to launch a cyberattack. As a result, we expect to see even more criminal activity in this area and a higher likelihood that the average user will be victimized.”

The popularity of such attacks has ratcheted up the price of crimeware, according to the report. The popular toolkit WebAttacker sold for US$15 on the underground economy in 2006. In comparison, Zeus 2.0, the so-called “king of malicious code kits,” came with a price tag of US$8,000 in 2010.

Attack kits are often sold on a subscription-based model with regular updates, and some even come with support services, the report states. Cybercriminals advertise and rent access to the kits and use anti-piracy tools to ensure attackers cannot use the tools without paying.

The most prevalent attack tool kit is MPack, which was first released by a group of Russian developers in 2006. It uses IFRAME injections to launch attacks and is often copied and redistributed on the underground market, according to the report.

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
cyberattacksinmajoritynowofsecuritytheused

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?