Hackers shut down Neosploit attack kit
Run out of business by lower-priced rivals, says RSA
Computerworld - A noted hacker attack kit has been retired from service by its criminal creators, most likely because it was priced too high compared to the competition, researchers said today.
Last week, security analysts at RSA's FraudAction Research Labs said they had evidence that the makers of Neosploit, a well-known infection kit used by online criminals to apply multiple exploits against PCs, -- were abandoning the business.
RSA, which regularly monitored the forums and chat rooms where Neosploit's developers marketed their product, was confident that the group was giving up on the kit, though not on hacking. "Even we assume that this isn't necessarily the end of this group," said Sean Brady, a product marketing manager in RSA's ID and access assurance group, which includes the FraudAction lab.
In its blog post, RSA quoted a going-out-of-business message in Russian said to have originated with Neosploit's authors. "Unfortunately, supporting our product is no longer possible," RSA's translation read. "We apologize for any inconvenience, but business is business, since the amount of time spent on this project does not justify itself. Now we will not be with you, but nevertheless we wish that your businesses will prosper for a long time!"
According to RSA, updates to Neosploit, which had a reputation for frequent updates, slowed this summer, with just one new version since early June. In April and May, Neosploit's makers released two updates.
RSA speculated that Neosploit's demise was driven by the same problems that face legitimate capitalism. "Our gut feeling is that their cost structure was out of whack given its functionality and the price of the competition," Brady said. "It was entirely about price point. Many kits do succeed. They've been the genesis of the growth of phishing [attacks] and Trojan horses."
Brady wouldn't hazard a guess about recent prices Neosploit's developers charged for the kit, saying only that "it apparently did have a high cost." Others have previously pegged the price at $1,000 to $3,000.
"They were very vigorous at updating Neosploit, sometimes two or three times a month, and I haven't seen anything new from them for a couple of months now. That would explain it," Thompson said.
Neosploit, which first appeared in 2007, was a follow-on to the earlier MPack, and a contemporary to another exploit kit, WebAttacker. Neosploit shared traits with other hacker tools in that it was modular and could be easily modified to include attack code aimed at the newest vulnerabilities in Windows, Internet Explorer or third-party software such as Apple Inc.'s QuickTime. But it also boasted features new to the click-to-attack business, including a sophisticated statistical analysis of exploit success.
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!