An emerging threat called attack toolkits has gotten the attention of security firm Symantec.
The Mountain View, Calif. company outlined an extensive report which found attack toolkits more accessible and easier to use. This has led to more attacks at a faster rate and with a higher number of attackers.
Symantec says attack toolkits are software programs launched by cybercriminals to facilitate launch of widespread attacks on networked computers. Typically, they are composed of prewritten malicious code used to exploit vulnerabilities and can customize, deploy, and automate widespread attacks. Attackers use secondary websites to deploy them where the computers of unsuspecting users will be compromised.
In total, 310,000 unique domains were found to be malicious by Symantec. This resulted in the detection of more than 4.4 million malicious Web pages per month. Sixty one percent of web based threat activity in the report was due to attack toolkits.
Today's attack toolkits make it relatively easy for even a malicious novice to launch a cyberattack. As a result, we expect to see even more criminal activity in this area and a higher likelihood that the average user will be victimized, Stephen Trilling, senior vice president of Symantec Security Technology and Response, said in a statement.
The toolkits have created an underground marketplace of sorts. One of the more popular toolkits, Zeus, was sold for $8,000 in the underground markets where attack toolkits are sold. Typical toolkits are sold for $15.
Zeus is a toolkit used to pose serious threats to small businesses. It aims to steal bank account credentials. Since small businesses have fewer safeguards in place to guard their financial transactions, they are an easier target. Recently a ring of cybercriminals, who used Zeus, were arrested for using the toolkit to steal $70 million over an 18-month period.
Along with Zeus, MPack, Neosploit, Nukesploit P4ck, and Phoenix were named the most prevalent attack toolkits by Symantec. Adult entertainment, not surprisingly, was the most malicious website category.