Oh the Joy of the holidays and what better way for hackers to cheat the system by using the Christmas season to commit cybercrimes and scam millions of online shoppers. Online shopping is nothing new as we should all know by now. More and more people, including hackers, flock to consumer sites looking for the best deal on anything from iPods and computers to house slippers to "Exploitation Kits". Cyber criminals have a gift of their own to distribute online but they do not have to look too hard to find it. Hackers have released a web malware exploitation kit which is designed for commercial gains through a Christmas marketing pitch.
Exploitation kits can be compared to the dropping of a root kit. Basically, it is an easy way for someone to get their hands on something that exploits malware with the ultimate goal of making money. Hackers have their own products that they push off on others for the "right price". In a recent discovery of an exploitation kit by Neosploit, a cybercrime group (hackers), seems to be very similar to this new exploitation kit recently released. They use similar coding but nonetheless, both are expensive and deigned to be spread to the public where others may spread malware onto other computer users.
The marketing pitch used in this new exploitation kit reads as follows:
"Feeling bored? Miss the Christmas spirit? Want to make a lot of money before the holidays but you lack the right tools? We have the solution to your problems - our web malware exploitation kit which will bring back the Christmas attitude and also become the perfect gift for your friends. Available are Professional, Standard and Basic licenses, with each of these including or lacking some unique features based on your budget. Professional package comes with support."
Something to remember: An exploitation kit may make it easier for someone to attack a website that you may use for online shopping this holiday season. They use a sales pitch similar to that of spam messages.
Exploitation kits such as the Neosploit Malware Kit sell for around $1000 to $3000. If you multiply that by all of the people or hackers, who seek to wreak havoc amongst computers online, it adds up to quite a bit of money very quickly. This is of course considering they have hundreds of "customers" within a very short amount of time which is not an issue if they exploit computer users during the holiday season when online shopping is at an all-time high. You must always be aware of the site and source that you do your online shopping from.
What does this mean for me?
When you have an Exploitation kit you may have the ability to attack others with malware. An Exploitation kit may make it easier for someone to spread malware to computer users through a website, spam messages or file and program downloads. Exploitation Kits may be offered to anyone. You must know what you are purchasing online and be aware of the plugins installed on your web browser. Web browsers utilize plugins that may have been the result of an exploitation kit. Make sure that any plugin that you download and install is one from a reputable source to limit the likelihood of your computer being attacked by malware.