Mpack Malware Exploit Creates Downloader Trojans
NanoScan detected an exploit that prompted PandaLabs to track and uncover Mpack, an application that helps download malicious programs onto others' computers by exploiting a number of flaws. There have been many cases where Mpack was used. One of them is the infection of 160,000 computers, according to PandaLabs.
Mpack is apparently featured like a legal application, such as client updates. These updates are distinct versions of the program and are really the exploits that take advantage of new vulnerabilities. Normally, every month there is a new exploit whose cost ranges from $50 to $150, informs Luis Corrons, technical director of PandaLabs. Net-security published this in news on May 14, 2007.
Malicious clients can get DreamDownloader for an additional $300. This tool creates downloader Trojans. This is how it works: when the hacker signals DreamDownloader about a particular URL, which hosts the malware file (a worm, a Trojan, or an update etc.) it creates an executable, which downloads the malware.
The two applications are complementary, says Corrons. The first one allows the malevolent client to infect a PC with the chosen malware. The second one allows developing the malware, which downloads even more treacherous code, describes Corrons, as published by Net-security on May 14, 2007.
The statistics on the application helped to gather the data. Other than infecting a number of users' PCs, the page allows cyber miscreants to record the attacked host's data according to two categories - operating system and browser. The page also assigns value to the efficacy of infections on the basis of geographical areas.
The point of concern is that 70 percent of legitimate Web sites host such malware, which hackers have been targeting. So, malware no longer resides only in the hidden corners of the Internet. It has become more exposed.
Google has rightly highlighted Graham Cluley's statement that the trend is worsening and creating "considerable problem" for entrepreneurs and consumers.
Graham Cluley, senior technology consultant at Sophos said that on average 8,000 new websites hosting malware came up in every week during the month of April this year. Techzonez published this as news on May 14, 2007.
Related article: MPack Discloses Stingy Web
» SPAMfighter News - 19-05-2007