Exploit kits for security writers
Yesterday, I stumbled upon an interesting twitter account, which attracted the attention of strange tweets addressed to the receivers. Attention attracted the following properties:
This kind of account name was obviously chosen in order to attract more attention.
Later, I shared the information with Peter Kruse , who discovered that the links are URLs to bogus exploit statistics pages, and they themselves contained an exploit code to install malicious code into the system of the user who followed this link.
')
Kafeine believes that in this case we are not talking about attacks on resellers, but rather a deliberate leak of statistics on the operation of the panels.
Brian's post http://krebsonsecurity.com/2013/08/personalized-exploit-kit-targets-researchers/ .
- The tweets were addressed to security supervisors ( Mikko Hypponen , tachion24 , Charlie aka Kafeine , Brian Krebs and Security Obscurity aka SecObscurity ), who do research on exploit kits.
- The name of the account "paunch big hecker" unambiguously hints at the famous person under the nickname Paunch , the author of Blackhole exploit kit.
- The content of the tweets hints at the fact that these are links to the statistics pages of the exploit kits (Nuclear Pack, Cool Exploit Kit), and the names of the sets are indicated.
This kind of account name was obviously chosen in order to attract more attention.
Later, I shared the information with Peter Kruse , who discovered that the links are URLs to bogus exploit statistics pages, and they themselves contained an exploit code to install malicious code into the system of the user who followed this link.
')
Kafeine believes that in this case we are not talking about attacks on resellers, but rather a deliberate leak of statistics on the operation of the panels.
Brian's post http://krebsonsecurity.com/2013/08/personalized-exploit-kit-targets-researchers/ .
Source: https://habr.com/ru/post/190314/
All Articles