Friday, June 5, 2009

Malware toolkits

It's been a while since I last published something here related to my work. There are a few reasons for that, such as the fact that some of my work posts are more marketing than pure technical achievements.

Anyway, some of you, my readers, have asked me to link here to some of the more technical stuff we do, or to explain how a full-blown over-the-internet attack works. So here are two posts I published in the past few months, demonstrating malware toolkits. Should this post's responses include more specific questions about toolkits, I'll try to answer them in following posts.
  1. LuckySploit. This one describes one of the most sophisticated attacks out there. It is very much oriented toward avoiding anti-virus products during the infection process. Moreover, the fact that this toolkit uses encryption is really impressive.
  2. Unique Pack. The funny thing about this one is that Firefox users weren't vulnerable to this specific attack (Firefox has some vulnerabilities, so keep it updated at all times).
Now I must add that using Linux and/or Firefox doesn't mean one is protected, although it really increases your chances of staying clear. Keep your software updated.

1 comment:

  1. There are some pretty valuable malware removal tools over at the Sophos site here - Sophos malware site. If you poke around you will find plenty of free removal tools, specifically some great ones for Conficker, and even a nifty little free encryption tool.