>>VIEW ALL POSTS  

Security Bytes

« New ransomware Trojan tricks victims to buy software fix
Israeli Mossad add Trojan Horse to Syrian laptop »
Nov 6 2009   2:00PM GMT

Fragus exploit pack’s pricy business model locks users in

Robert Westervelt Robert Westervelt Profile: Robert Westervelt

Tags:

The $800 attack toolkit comes with a self-destruct mechanism after a certain time period

Security researchers at Symantec are closely monitoring the Fragus exploit pack, an $800 package of tools developed by cybercriminals to enable users to set up attack websites. Their latest findings have identified an effort by the toolset writers to clamp down on how the toolpack is used – an effort, no doubt, to keep the revenue stream open long after someone plunks down the hefty chunk of change needed to buy Fragus.

The blog entry, written by Peter Coogan with help from researcher Cathal Mullaney includes several screenshots of the exploit kit the researchers found in use on a specific domain. The toolkit they found was in use in September and October and targeted users in Spain and Germany.

Symantec said the toolkit is one of the most popular, but we’ll have to see how the author’s clampdown affect its popularity. The authors restrict files to run on specific IP addresses and servers meaning that if an owner of the kit wants to make a change they have to go back and get a software update to do so. The toolkit also contains a self-destruct mechanism, expiring files after a certain time period.

Despite the limitations, the toolkit’s popularity must mean that it is a big – real big – money maker for cybercriminals. A person willing to give up $800 is willing to accept a lot of risk and much like the stock market, the more risk you take on, the bigger the rewards.

Comment     RSS Feed     Email a friend

1  Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.
  • DarkestOfSides
    How can you purchase this software?? I would like to start my career of Offensive Penetration Testing. And I am gonna use this for good purposes only. If any questions on how I am gonna use this software, call me at 616 994 3748. Again, I am only gonna use this for GOOD PURPOSES only.!! And I need to know how I can find/ purchase this piece of advanced software. Thanks :)
    10 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: