Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

Websense Investigators Find Fresh Attack Kit

Investigators from Websense the security company say that they have detected one fresh exploit toolkit that reportedly stopped functioning from January 1, 2011.

Actually, the attack page of this kit contains a code that by utilizing a malicious JavaScript enables the kit to become highly disguised, although it has been found that the process of the disguise relies on whatever date the infected computer shows.

Explains security researcher Chris Astacio at Websense, on viewing the script, one will find that for obtaining the prevailing date that's possible via the JavaScript module, the Date() element gets utilized. Later, the element 'iilq,' wherein the assigned date lies, utilizes the getFullYear() technique as well as displays the prevailing date short of one day, he continues. Softpedia.com published this in news on January 3, 2011.

Ultimately, a variable named e2009al is created that gets revealed through an utility called .replace("2009", "v"), with the assessment representing a crucial aspect for understanding the script.

But here lies the problem i.e. beginning with January 1, 2011, e2009al got converted to e2010al, while the desired influence of .replace("2009", "v") got eroded.

Remarking about the same problem, Astacio posted on Websense's official blog that conclusively, it could be merely assumed that the authors of the exploit toolkit inadvertently caused the above problem; however, there might be a solution for it. Nevertheless, according to the researcher, the exploit kit's authors must have been unaware about causing the problem since they possibly hired others to disguise their attacks alternatively they disguised their toolkits via the utilization of off-the-shelf software. Websense.com published this on December 30, 2010.

Meanwhile, according to the security investigators, exploit toolkits, which are referred to as attack kits too, have borne a wide acceptance within the cyber-criminal community since the past few years. These, utilized like 'Command Control' within online assaults, have reduced cyber-crimes' rate of entry as well as resulted in one fresh ecosystem where several players play their individual roles.

Eventually, for staying safe from such malicious attack kits and their infections, security specialists recommend end-users that they should routinely make their systems up-to-date with the latest patches.

Related article: Websense Discovered Malicious Social Networking Spam Campaign

ยป SPAMfighter News - 12-01-2011

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next