Mpack Exploit Tool Slips through Security Holes
Researchers have been charting the rise in threats created by a new software exploit tool known as "Mpack," a virtual attack kit designed to be embedded in hacked or malicious Web sites. It targets security holes in multiple software products, including Apple's QuickTime media player, and outdated Windows plug-ins for Mozilla's Firefox and Opera Web browsers.
Security Fix constantly nags readers to apply software security updates. And I badger you about patches for Microsoft Windows machines and for fixes for applications designed to run on top of operating systems. This new attack being closely tracked by security researchers serves as a chilling reminder of how important it is to secure these third-party applications.
The tool has been spotted on more than 10,000 Web sites, according to Internet security firm Websense. Users who visit one of these sites without the protection afforded by the latest patches for those programs may be hit with a silent download that tries to steal financial and personal data from the victim's machine.
Many of the sites hosting the malicious program are legitimate sites that have been hacked. Security vendor TrendMicro says it has identified more than 1,100 legitimate sites that are serving up the exploit code. TrendMicro reports that initially, the primary targets were English-language Italian sites, but that attackers increasingly are targeting sites in the United States and elsewhere.
Mpack is another one of these toolkits enabling the attackers to manipulate infected machines through a spiffy, Web-based interface. Some other facts about Mpack illustrate just how brazen and organized the e-crime software business has become. According to detailed analysis by researchers at anti-virus maker Panda Software, the toolkit is being sold on Russian e-crime forums for roughly $700, includes a year's worth of free software support, and is guaranteed to bypass all anti-virus programs at the time of purchase. Extra exploit modules can be purchased for prices ranging from $50 to $150.
June 18, 2007; 4:15 PM ET
Categories: Fraud , Latest Warnings , New Patches , Safety Tips
Save & Share: Previous: PayPal to Roll Out Buyer Vetting Service
Next: Glubble: The Web in a Kid-Friendly Bubble
Posted by: Hmmm... | June 18, 2007 6:38 PM | Report abuse
Posted by: Matt | June 19, 2007 9:28 AM | Report abuse
Posted by: Bk | June 19, 2007 10:46 AM | Report abuse
Posted by: Bob | June 19, 2007 11:30 AM | Report abuse
Posted by: TJ | June 19, 2007 11:28 PM | Report abuse
Posted by: hhhobbit | June 21, 2007 4:45 AM | Report abuse
Posted by: xaralampos C | June 21, 2007 5:14 AM | Report abuse
Posted by: J. Warren | June 21, 2007 7:47 AM | Report abuse
Posted by: SysAdmin | July 3, 2007 11:16 AM | Report abuse
Posted by: SysAdmin | July 3, 2007 11:18 AM | Report abuse
The comments to this entry are closed.