This software makes life easier for hackers, and ours is harder

Previously, hackers had to create threats from scratch. Due to the complexity of the process, only criminals with a high level of training were involved in cyber attacks.

Today, ready-made tools make it possible to organize a cyber attack even for amateurs who, having bought it for several hundred dollars, can, for example, create a new spyware program based on existing templates. So the innovations of the most sophisticated targeted attacks are gradually coming to the masses, and the number of signatures is growing exponentially.


What are these tools?
This software is for organizing mass cyberattacks on network computers, which can be used by both beginners and professionals. This software allows cybercriminals to use many of the exploits contained in the kit for known vulnerabilities. Moreover, it allows you to automate attacks and configure the action of malicious programs in such a way as to avoid detection. According to our data, with its use of automation tools, about 60% of attacks are carried out, and this cannot but affect our work.

additional services
Today, many tools are often sold by subscription, which provides regular updates, the possibility of expanding functionality and technical support. Cybercriminals massively advertise the installation services of such tools, provide access to management consoles for a fee, and use commercial means of protection against pirates in order to avoid free use of these programs.

The increased profitability of cyberattacks stimulates the creation of more advanced tools with a wide range of functions. Additional services have appeared that direct users to malicious websites where their computers can be hacked: they use spam mailings, an aggressive strategy for optimizing search results (SEO), injecting code into legitimate websites, as well as malicious advertising.

Market Overview
The most popular cyber attack kits are MPack, Neosploit, ZeuS, Nukesploit P4ck, and Phoenix.

For example, Zeus's primary goal is to steal bank data. It is especially dangerous for small companies where they install fewer means of protecting financial transactions, and this makes them vulnerable and attractive to Zeus and scammers.

Widespread popularity and demand have contributed to the rise in prices for cyberattack kits. In 2006, the popular WebAttacker kit sold on the black market for $ 15. In 2010, ZeuS 2.0 is touted for nearly $ 8,000.

Nevertheless, the profitability of such attacks is obvious: in September 2010, a group of cybercriminals was arrested in the United States who are suspected of embezzling more than $ 70,000,000 using the Zeus toolkit from electronic banking and trading accounts that have been carried out for 18 months.

Evolution Image is clickable. Impact on protection tools. Partly because of such tools, antivirus companies have to create more signatures every year.







Due to the increase in their number, signature scanning is becoming more and more resource-intensive, which can negatively affect the performance of our computers. It is supplemented with heuristics and behavioral analysis, but this does not completely solve the problem. We at Symantec believe that the future is in the cloud of reputation technology, and we recently wrote about the dangers of antivirus scanning and our new technologies that allow us to detect threats without scanning at all - using a reputation system.

Install software updates!
Due to the rapid spread of knowledge about new vulnerabilities in systems and the possibilities of their use, within a few days after the discovery of vulnerabilities, cybercriminals begin to actively use them and attack organizations that have not yet managed to install the necessary patches.

Installing all the necessary updates (for OS, browsers, browser plug-ins, etc.) is very important. The vast majority of vulnerabilities on a typical system can be closed by simply installing all the necessary updates. Large companies with well-developed infrastructure should have a good vulnerability scanner that would detect them in the system, rank them by criticality and give the administrator an appropriate report on the system’s health and recommendations on how to fix it. Another important aspect is the automation of directly installing updates. She must be. Office employees should not be distracted while working to install updates, and the company should be sure that the latest patch of the Java plug-in is installed on the computer of its chief accountant, closing the known vulnerability,

Take care of your computers!

Regards,
Your Symantec