Saturday, September 19, 2009

Phoenix Exploit's Kit. Another alternative for controlling botnets

Phoenix Exploit's Kit is another of the alternatives available on the underground crimeware market: in this case, another web application developed in PHP and originating in Eastern Europe.

This package consists of nine (9) exploits:
  • IE6 MDAC
  • MS Office Snapshot
  • PDF Collab / printf / getIcon in Adobe Reader
  • IE7 MEMCOR in Internet Explorer 7, Windows XP and Windows Vista
  • FF Embed
  • Flash 9 in the vulnerable Shockwave Flash plugin
  • IE6/IE7 DSHOW
  • JAVA in JRE
  • Flash 10 in versions 10.0.12.36 and 10.0.22.87 of Flash Player

As for information processing, Phoenix, as is usual in most programs of this kind, provides statistical data on browser types (MSIE, Firefox, Opera, etc.), browser versions, operating systems, the countries of origin of the infected machines, and some other data which together amount to a routine intelligence process carried out by the botmasters.

Phoenix Exploit's Kit isn't a recent development: the first version emerged in the heyday of this type of crimeware (2007). It is currently offered in the underground "business" at a price of around USD 400 when purchased with a domain.

Phoenix joins the range of offerings of a criminal world that every day keeps the gears of dark, underground and illegal business turning on the Russian crimeware market.

Related information
iNF`[LOADER]. Botnet control, marijuana and (...) malware
Fragus. New botnet framework In-the-Wild
Liberty Exploit System. Another crimeware alternative...
Russian crimeware prices. Part 2
Eleonore Exploits Pack. New crimeware In-the-Wild

Jorge Mieres
