Inside Look at Exploit Kit ‘Magnitude’ Released
Softpedia.com reported on 6th August, 2014 that researchers at security firm Trustwave recently conducted a close analysis of the well-known exploit kit (EK) Magnitude, a malicious package that holds a large share of the exploit kit market and is known for infecting high-profile websites such as Yahoo Ad Network and PHP.net.
Trustwave examined its administration panel and learned about the inner workings of the infamous EK, which revealed a well-oiled offensive machine built to avoid attempts by security companies to disrupt its activity.
The EK's control page offered its users full information on domain blacklisting, infection rates, antivirus (AV) detection rates for the exploits, self-imposed geo-IP restrictions limiting malware distribution, and details of each victim's computer (operating system and Internet browser used) and country.
Trustwave also reports that Magnitude's administration panel gives the most recent news about the EK. For example, the cybercriminals announced that they had decided to reset stats twice a week, citing 'security' as the main reason.
"Security" in the criminal context clearly means the opposite of its usual meaning: the cybercriminals are concerned about the payloads, the info-security community and industry blacklisting Magnitude domains, etc.
The statistics data were reset and the delivery mechanism was improved to increase the exploit rate.
This means the creator has improved the stability of the exploits. It is not easy to make exploits work successfully across a variety of systems (operating systems, several browsers, plugins, etc.).
Trustwave researchers also highlighted that the kit delivered at least seven malware strains to the affected user and permitted its customers to use their own malicious files.
In one month, Trustwave researchers observed Magnitude attempting to exploit 1.1 million systems, infecting 210,000 successfully. Most of the victims were regular home users, but there were also corporate and government victims in Canada and the U.S.
Experts observe that Magnitude gives its clients a solid base for launching malicious attacks with a low detection rate. Blog.spiderlabs.com reported on 7th August, 2014, quoting experts as saying, "the most renowned technique for not being detected in an attack is plainly restarting everything from scratch and fast."
» SPAMfighter News - 13-08-2014