State of Web Exploit Kits

Author

  • Jason Jones

Abstract

Web exploit toolkits have become the most popular method for cybercriminals to compromise hosts and to leverage those hosts for various methods of profit. This talk will give a deep dive on some of the most popular exploit kits available today including Black Hole and Phoenix and also take a look at some of the newer players that have appeared from Asia. An overview of how each kit is constructed and analysis of its observed shellcodes, obfuscations, and exploits will be presented to give a better understanding of the differences and similarities between these kits, ways that we have developed to harvest data from them and any trends that may be present.

Similar resources

Effective Analysis, Characterization, and Detection of Malicious Activities on the Web

The Web has evolved from a handful of static web pages to billions of dynamic and interactive web pages. This evolution has positively transformed the paradigm of communication, trading, and collaboration for the benefit of humanity. However, these invaluable benefits of the Web are shadowed by cyber-criminals who use the Web as a medium to perform malicious activities motivated by illegitimate...

EKHunter: A Counter-Offensive Toolkit for Exploit Kit Infiltration

The emergence of exploit kits is one of the most important developments in modern cybercrime. Much of cybersecurity research in the recent years has been devoted towards defending citizens from harm delivered through exploit kits. In this paper, we examine an alternate, counter-offensive strategy towards combating cybercrime launched through exploit kits. Towards this goal, we survey a wide ran...

BREWING UP TROUBLE: Analyzing Four Widely Exploited Java Vulnerabilities

Figure 1 shows the detection prevalence of CVEs exploited in the wild. Judging from the frequency of exploited vulnerabilities, Java Runtime Environment (JRE 7) appears to be the most frequently exploited platform. Introduction Java is widely used by developers—so much so that many applications and websites do not run properly without Java installed in users' systems. This widespread adoption m...

Cache, Trigger, Impersonate: Enabling Context-Sensitive Honeyclient Analysis On-the-Wire

Today’s sophisticated web exploit kits use polymorphic techniques to obfuscate each attack instance, making content-based signatures used by network intrusion detection systems far less effective than in years past. A dynamic analysis, or honeyclient analysis, of these exploits plays a key role in initially identifying new attacks in order to generate content signatures. While honeyclients can ...

Anatomy of Exploit Kits - Preliminary Analysis of Exploit Kits as Software Artefacts

In this paper we report a preliminary analysis of the source code of over 30 different exploit kits which are the main tool behind drive-by-download attacks. The analysis shows that exploit kits make use of a very limited number of vulnerabilities and in a rather unsophisticated fashion. Their key strength is rather their ability to support “customers” in avoiding detection, monitoring traffic, ...

Publication date: 2012