articletimestratnow

According to ComputerWeekly The distribution of crimeware software kits soared in September, with the numbers used against websites and end-users outstripping the whole for the three prior months. inches

Finjan, a security company reported on 10 different types of spyware toolkits being sold last month alone. This list includes: MPack, NeoSploit, IcePack, WebAttacker, WebAttacker2, and Multi-Exploit toolkits, as well as new toolkits like random. js, vipcrypt, makemelaugh, and dycrypt.

Each of these crimeware toolkits is being updated frequently to include recent exploits and the latest anti-forensic techniques. These new techniques enable them to bypass and escape sensors by traditional signature, reputation and URL based security products.

A Russian website was recently discovered selling the WebAttacker spyware development kit. This kit is available from their site relating to $15 US dollars.

WebAttacker is being marketed on the merits of its capacity infect computers. The kit includes scripts,ISO 9001 toolkit which are specialized sets of instructions for internet browsers to misinterpret. Scripts are generally as used by cyberpunks to infect computers.

One popular use is to send out spam emails on interesting topics to illegitimate websites. The unsuspicious web surfer then finds their personal computer being bitten by these scripts.

Another popular crimeware toolkit is MPack. This hacking toolkit has been selling relating to $1, 000 on the Russian underground. Finjan researchers reported in their advisory, "The crimeware is capable of taking account information from several banks around the world without leaving any collections behind".

Yuval Ben-Itzhak, Finjan's CTO declared in a written statement, "This form of attack is more dangerous than previous forms of phishing, which relied on deceitful websites because this attack happens on the consumer's own PC and is encrypted, it makes it extremely difficult to detect. After the customer fills in the site form on their website and clicks on the 'Log In' button, the crimeware, running on the infected user machine, intercepts the communication. The crimeware sends the intercepted UserID and code to the criminal's server, instead of sending it to the bank's server. The customer thinks they are still on the bank's website. But, they are actually sending data to the criminal's server over an encrypted connection. inches

Some of the more sophisticated spyware toolkits can even provide reports to the hacker tracking how many users he/she's infected, the kind of cell phone browser the victim is using, where they are located, and what type of malware was installed on their machine.

According to Finjan, a recently available study of control servers provided them with a look at some hackers' toolkit reports. Estimates based on these reports show that just 58 of these toolkit cyberpunks had infected half a million users.

The most alarming part of these kits and types of attacks is the low level of technical style required to implement them. Experienced cyberpunks initially were responsible for the majority of these types of infections. However, now even a child with low level tech skills can build spyware.

Crimeware kits give the power to infect computers all over the world to virtually anybody with a little technical knowledge and a computer and Internet connection.
These kits will undoubtedly boost the proliferation of malware on the internet in the coming decade.

To protect yourself, it is very important to have a comprehensive Internet security protection suite like StopSign Internet Security running on your machine at all times to spot, remove and protect against crimeware, spyware, worms and hacking.