A peek inside a CVE-2013-0422 exploiting DIY malicious Java applet generating tool

Posted on May 2, 2013 by ddanchev

By Dancho Danchev

On a regular basis we profile various DIY (do it yourself) releases offered for sale on the underground marketplace with the idea to highlight the re-emergence of this concept which allows virtually anyone obtaining the leaked tools, or purchasing them, to launch targeted malware attacks.

Can DIY exploit generating tools be considered as a threat to the market domination of Web malware exploitation kits? What’s the driving force behind their popularity? Let’s find out by profiling a tool that’s successfully generating an exploit (CVE-2013-0422) embedded Web page, relying on malicious Java applets.

More details:

Continue reading →

New DIY unsigned malicious Java applet generating tool spotted in the wild

Posted on March 8, 2013 by ddanchev

By Dancho Danchev

Just as we anticipated on numerous occassions in our series of blog posts exploring the emerging DIY (do it yourself) trend within the cybercrime ecosystem, novice cybercriminals continue attempting to steal market share from market leaders, in order for them to either gain credibility within a particular cybercrime-friendly community, or secure a revenue stream.

Throughout 2012, we’ve witnessed the emergence of both, publicly obtainable, and commercially available, DIY unsigned Java applet generators. Largely relying on social engineering thanks to their built-in feature allowing them to “clone” any given Web site, these tools remain a popular attack vector in the arsenal of the less sophisticated cybercriminal, looking for ways to build his very own botnet.

In this post, I’ll profile one of the most recently released DIY tools.

More details:

Continue reading →

Malicious DIY Java applet distribution platforms going mainstream

Posted on January 11, 2013 by ddanchev

By Dancho Danchev

Despite the fact that on the majority of occasions cybercriminals tend to rely on efficient and automated exploitation techniques like the ones utilized by the market leading Black Hole Exploit Kit, they are no strangers to good old fashioned ‘visual social engineering’ tricks. Throughout 2012, we emphasized on the emerging trend of using malicious DIY Java applet distribution tools for use in targeted attacks, or widespread campaigns.

Is this still an emerging trend? Let’s find out. In this post, I’ll profile one of the most recently released DIY Java applet distribution platforms, both version 1.0 and version 2.0.

More details:

Continue reading →

Cybercriminals generate malicious Java applets using DIY tools

Posted on January 30, 2012 by ddanchev

By Dancho Danchev

Who said there’s such a thing as a trusted Java applet?

In situations where malicious attackers cannot directly exploit client-side vulnerabilities on the targeted host, they will turn to social engineering tricks, like legitimate-looking Java Applets, which will on the other hand silently download the malicious payload of the attacker, once the user confirms he trusts the Applet.

Let’s profile a DIY (do-it-yourself) malicious Java Applet generator currently available for download at selected cybercrime-friendly online communities:

Continue reading →

Webroot Threat Blog – Internet Security Threat Updates from Around the World

WEBROOT – INSIGHTS INTO THREATS AND TRENDS FROM OUR INTERNET SECURITY EXPERTS

Tag Archives: Java Applet

Follow “Webroot Threat Blog - Internet Security Threat Updates from Around the World”

WEBROOT – INSIGHTS INTO THREATS AND TRENDS FROM OUR INTERNET SECURITY EXPERTS

Tell your friends:

Like this:

Tell your friends:

Like this:

Tell your friends:

Like this:

Tell your friends:

Like this:

Follow “Webroot Threat Blog - Internet Security Threat Updates from Around the World”