Security firm Symantec, Mountain View, California, USA has given details of a new cyber threat - Attack Toolkits. The ease of use and accessibility of these toolkits has become the cause for more attacks and more attackers.
According to Symantec, attack toolkits are software programs launched by cybercriminals to facilitate launch of widespread attacks on networked computers. Typically, they are composed of prewritten malicious code used to exploit vulnerabilities and can customize, deploy, and automate widespread attacks. Attackers use secondary websites to deploy them where the computers of unsuspecting users will be compromised.
"Today's attack toolkits make it relatively easy for even a malicious novice to launch a cyberattack. As a result, we expect to see even more criminal activity in this area and a higher likelihood that the average user will be victimized," Stephen Trilling, senior vice president of Symantec Security Technology and Response, said in a statement.
There seems to be a special market for these toolkits. One of the more popular toolkits, Zeus, was sold for $8,000 in the underground markets where attack toolkits are sold. Typical toolkits are sold for $15.
Zeus is a toolkit used to pose serious threats to small businesses. It aims to steal bank account credentials. Since small businesses have fewer safeguards in place to guard their financial transactions, they are an easier target.
Recently a ring of cybercriminals, who used Zeus, were arrested for using the toolkit to steal $70 million over an 18-month period.
Along with Zeus, MPack, Neosploit, Nukesploit P4ck, and Phoenix were named the most prevalent attack toolkits by Symantec. Predictable, adult entertainment, was the most malicious website category.