Not Cool, man: Potent new hacking toolkit costs crooks $10k a month The brains behind the Blackhole Exploit Kit is using profits from the hacking toolbox to buy up security exploits and create a far more formidable product. The ubiquitous Blackhole kit is usually installed on compromised websites and uses vulnerabilities in web browsers and other software to inject malware into visitors' PCs …
One thing I did notice on the linked Symantec report was that nowhere was it recommended that it is good practice to keep a backup of your computer on an external / removable drive, in case your drive gets encrypted and (of course) the computer never gets unlocked after the mark has paid the "fine".
Or perhaps I missed the point "buy Symantec products and you will be safe".... Was that too subtle for me to notice?
You could argue that what they're doing isn't illegal, even if they facilitate criminal activities by selling their tools. You would struggle to get much traction in the argument of prosecuting Stanley Tools for selling various methods for gaining entry to places that you are normally prevented from accessing.
Still, a nice pot of money to pay for lawyers to argue that when the authorities eventually catch up with you.
This is very worrying and depressing. Does this stuff work on ANY platform? If the answer is no, which platforms are safe? What about my android tablet using the Dolphin browser? What about that cute little 'android on a stick' gadget I've just bought and plugged into my TV? More than ever before this stuff has got me seriously considering a machine with no hard drive and a Linux variant booting live from a DVD...... sure, it's slow to boot up but just try infecting that!
In answer to your question - the only platforms to worry about are the popular ones, which are more likely to be focused on by criminals bent on finding a vulnerability to exploit. However there are many mitigations that lower your profile to attack. For those using Windows products, Secunia PSI is a good program to have on board. As it will notify you of vulnerabilities just as soon as they are publicly discovered. And of course always operate with limited rights. Other than that, it is always a good blended defense that can backup this first rule. Android has Avast Free Mobile Security, for instance.
Notice the "Free" word - so I hope you don't think I'm a shill - I don't sell any products of any kind anywhere.
Talking of mitigation, don't forget Emet.
Google 'Rationally paranoid' and you can find a great primer under the resources tab.
For those that don't know of course. Once EMET is set up, you can largely forget about it.
No performance hit. Oh and look on Dedoimedo's site for other good info on this toolkit.
Google 'dedoimedo emet' and you should be good.
Not a Microsoft fan either, but credit where credit is due.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
