The market for exploits, so for malicious software, the vulnerability exploited to smuggle other malicious software into other people’s computers, it is highly developed, although it does not yet exist it for so long.
“Full earlier, if one can say so, but that was also only 20 years, was the problem for the people who have discovered such exploits that when they have tried to notify the manufacturer of the software, it is equal to a suit at the neck had because of possible blackmail, “remembers Morton Swimmer of Trend Micro. Today, the software companies react differently. They act as buyers on the so-called white market, to plug holes in their programs. Also security companies buy there exploits, Hewlett-Packard, for example, with its Zero Day Initiative for their protection programs recognize the malicious software. The opposite is the black market in which stock up Internet criminals.
“And then there’s the gray market. And that’s interesting, I would say. There is really about nations, military to intelligence services who want to have these weaknesses really, so they can exploit them for espionage, “says Oliver Rochford by the consulting firm Gartner. After Exploit trading it’s off to the preparation and integration of malicious programs.
“If an exploit was sold successfully, then the probability is very, very high that this exploit will find its way into an exploit kit . An exploit kit is a complete platform consisting of several exploits and an algorithm that detects which operating system has a surfer, which browser and which version with which plug-ins, and can create a very beautiful picture of the computer also the fact . And then looked:. Is there any exploit that fits this system and with which it is possible to infect these computers with malicious software, “says Christian Funk by Kaspersky Labs
Internet the things electrified black and white Hacker
Often the victim has previously surfed a completely unsuspected side, which had been but chopped. Criminals have there built an iFrame, a tiny link to your own server with the exploit kit. The surfer’s system is analyzed. The matching downloaded exploit it. A vulnerability exploited. And then the compromised system loads the actual malicious program downloaded, a trojan, a bot or extortionists software and performs the pest from. So daily infect thousands of surfers their computers. But vulnerable is not only conventional computers, but also vehicle-software, like the hacks of the recent past have shown. Ransomware, extortionists software, for example, could in future not only disable PCs and demand ransom for the unlock, but also cars. And still more formidable scenarios are conceivable. Christian Funk thinks of a message that will appear on the vehicle display at full speed:
“Good morning, dear motorists, we have just successfully infected your vehicle with a malicious software, it is quite possible. that you happen to a serious accident if you do not transfer a certain amount of money to us. “
This idea is currently electrified black and white hackers. The security risks associated with the Internet of Things with it, are much higher than those of the conventional IT. Oliver Rochford is sure that already criminal business models are being developed and the exploit trade stands before another boom.
“And accordingly, we expect in 12, 18 months a lot more activities in the area.”
No comments:
Post a Comment