Tornado Exploit Toolkit, New Aid to Website Attacks

Software security specialist, Symantec, issued a warning to computer users on April 22, 2008 that the Tornado exploit toolkit, found recently on the Internet, was a highly sophisticated kit that might be forerunner of future events. It is scaring evidence of the methods hackers implement to exploit the vulnerabilities. The Tornado toolkit contains codes to exploit 14 different vulnerabilities. It also includes the admin pages and displays the common statistics.

Vice President of Development, Alfred Huger, Symantec, said that the low profile status assigned to these kinds of exploit kits is rather unusual, but it seems that the people behind their creation have been unusually careful, as reported by SCmagazine on April 22, 2008.

Huger said that the toolkit is designed to be a service in itself. An attacker would have to pay for its subscription to avail a console for using it to wage attacks on different sites. The kit would manage the attacker's victims on his behalf and even organizes a vast number of systems that are compromised.

When the attacker logs into the Tornado administration control line, the page displaying statistics appears. It tells the number of people who visited the exploit kit and the number of them who were successfully manipulated via crash down of their operating system and of the Web browser they used.

It seems traffic is drawn to the exploit pack via Web pages that has been hacked. Traffic generated for this site is via the method of logging onto valid ftp accounts with the help of stolen credentials and by searching for every html file. On finding one html file, an iframe is injected into the page that links to the Tornado pack.

It appears the Tornado toolkit targets mainly smaller, private Websites by modifying their pages. However, there is a possibility of large business sites could eventually be attacked. The kit normally infects Websites that abuse browser vulnerabilities.

Once the hacker infects the site, he could download malicious code onto the visitor's computer and gain access to the user's financial information or make a bot out of the system.

Related article: Trend Micro Detects Spam Mail Declaring World War III

» SPAMfighter News - 25-04-2008

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial