August 16, 2013 at 13:07Security exploit exploit kits
Yesterday I stumbled upon an interesting twitter account that caught the attention of weird tweets addressed to the receivers. Attention was drawn to the following properties:
This kind of account name was obviously chosen in order to attract more attention.
Later, I shared information with Peter Kruse , who discovered that the links are URLs to dummy pages of exploit statistics, and they themselves contained the code for using exploits to install malicious code into the user’s system that followed this link.
Kafeine believes that in this case we are not talking about attacks on the reservers, but rather about the deliberate leakage of the statistics of the panels.
Brian Post http://krebsonsecurity.com/2013/08/personalized-exploit-kit-targets-researchers/ .
- Tweets were addressed to security researchers ( Mikko Hipponen , tachion24 , Charlie aka Kafeine , Brian Krebs and Security Obscurity aka SecObscurity ), who are involved in research exploit kits and write about them.
- The account name “paunch big hecker” clearly hints at the famous person under the nickname Paunch , the author of Blackhole exploit kit.
- The content of the tweets hints that these are links to the statistics pages of the exploit sets (Nuclear Pack, Cool Exploit Kit), and the names of the sets themselves are indicated.
This kind of account name was obviously chosen in order to attract more attention.
Later, I shared information with Peter Kruse , who discovered that the links are URLs to dummy pages of exploit statistics, and they themselves contained the code for using exploits to install malicious code into the user’s system that followed this link.
Kafeine believes that in this case we are not talking about attacks on the reservers, but rather about the deliberate leakage of the statistics of the panels.
Brian Post http://krebsonsecurity.com/2013/08/personalized-exploit-kit-targets-researchers/ .