New Version of Eleonore Attack Toolkit Released, Says Kaspersky
Researchers at the security company Kaspersky warn that a new version of the notorious Eleonore exploit pack is out in the wild.
Eleonore is a very sophisticated and popular attack toolkit that hackers use to carry out drive-by download attacks. Like several other toolkits, it follows a modular, subscription-based model: buyers acquire the toolkit for one price and then pay lower fees for future updates and extra exploits.
At present, the Eleonore kit sells for $2,000, and updates cost $100 each. Any customer who wants to host the attack kit on additional domains must pay extra. Analysts of Eleonore's earlier versions have found that the kit has every capability one would expect, in particular the ability to evade malware-detection software and to prevent researchers from analyzing the kit itself, Kaspersky observes.
Commenting on Eleonore's latest version, Kurt Baumgartner, Senior Security Researcher at Kaspersky Lab, stated that Eleonore's creator, Exmanoize, had apparently included a zero-day security flaw and certain attack code to increase the value of the extremely costly kit. According to the researcher, crime syndicates had been increasingly using the kit to deliver malware payloads and client-side exploits on the Web, and more sophisticated attacks were expected from these syndicates in future. Threatpost.com published this on February 8, 2011.
According to Kaspersky, it is still not wholly clear which zero-day flaw Eleonore's latest version targets; however, the Cascading Style Sheets (CSS) flaw in Internet Explorer appears quite likely. The flaw was uncovered in December 2010. Its exploitation allows remote code execution, and a proof-of-concept has been developed that evades Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR), the company outlines.
Finally, Web surfers are strongly advised to keep their operating systems and other software up to date to stay safe from drive-by download attacks. Using an effective anti-virus application that includes a Web-protection component is crucial too.
» SPAMfighter News - 16-02-2011