Hackers shut down Neosploit attack kit
Run out of business by lower-priced rivals, says RSA
Computerworld - A noted hacker attack kit has been retired from service by its criminal creators, most likely because it was priced too high compared to the competition, researchers said today.
Last week, security analysts at RSA's FraudAction Research Labs said they had evidence that the makers of Neosploit, a well-known infection kit used by online criminals to apply multiple exploits against PCs, -- were abandoning the business.
RSA, which regularly monitored the forums and chat rooms where Neosploit's developers marketed their product, was confident that the group was giving up on the kit, though not on hacking. "Even we assume that this isn't necessarily the end of this group," said Sean Brady, a product marketing manager in RSA's ID and access assurance group, which includes the FraudAction lab.
In its blog post, RSA quoted a going-out-of-business message in Russian said to have originated with Neosploit's authors. "Unfortunately, supporting our product is no longer possible," RSA's translation read. "We apologize for any inconvenience, but business is business, since the amount of time spent on this project does not justify itself. Now we will not be with you, but nevertheless we wish that your businesses will prosper for a long time!"
According to RSA, updates to Neosploit, which had a reputation for frequent updates, slowed this summer, with just one new version since early June. In April and May, Neosploit's makers released two updates.
RSA speculated that Neosploit's demise was driven by the same problems that face legitimate capitalism. "Our gut feeling is that their cost structure was out of whack given its functionality and the price of the competition," Brady said. "It was entirely about price point. Many kits do succeed. They've been the genesis of the growth of phishing [attacks] and Trojan horses."
Brady wouldn't hazard a guess about recent prices Neosploit's developers charged for the kit, saying only that "it apparently did have a high cost." Others have previously pegged the price at $1,000 to $3,000.
"They were very vigorous at updating Neosploit, sometimes two or three times a month, and I haven't seen anything new from them for a couple of months now. That would explain it," Thompson said.
Neosploit, which first appeared in 2007, was a follow-on to the earlier MPack, and a contemporary to another exploit kit, WebAttacker. Neosploit shared traits with other hacker tools in that it was modular and could be easily modified to include attack code aimed at the newest vulnerabilities in Windows, Internet Explorer or third-party software such as Apple Inc.'s QuickTime. But it also boasted features new to the click-to-attack business, including a sophisticated statistical analysis of exploit success.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts