70 percent of exploit kits come from Russia: Report

Summary: A new report suggests that not only are we slow to patch old vulnerabilities, but roughly 70 percent of exploit kits come from Russia.

TOPICS: Security

Almost 60 percent of the computing-system vulnerabilities targeted by exploit kits are over two years old, and the majority of exploit kit development takes place in Russia, according to a new study by Solutionary's Security Engineering Research Team (SERT).

The research paper (registration required) said that out of 26 exploit kits analyzed by SERT, 70 percent were either released or created in Russia, with China and Brazil the other most popular regions for exploit kit development.

SERT's report also suggested that despite a number of high-profile DDoS attacks--including hits on financial institutions, Wikileaks, and Demonoid--in Q4 2012, there was a slight reduction in reported attacks. Authentication security attacks and the presence of malware increased.

Rob Kraus, SERT's director of research, said:

"The fact that cyber criminals are able to penetrate network defenses by targeting aging vulnerabilities and using old techniques demonstrates that many organizations are still playing catch-up when it comes to cyber security. Tight budgets, inability to convince stakeholders at all levels that security should be a priority, and a shortage of research resources could be among the reasons why many security and risk teams are continuing to operate in reactive mode."

Many organizations are not patching security flaws properly, the report found. A lack of updates means that some of the oldest exploit code found in kits--dating back to 2004 in some cases--can still be used to wreak havoc. However, the security team also found that the popular BlackHole 2.0 kit exploits fewer vulnerabilities than a number of other openly available kits. Phoenix, for example, is the most versatile, being able to exploit 16 percent of all bugs.

Other exploit kits analyzed include Incognito v.2, Sweet Orange, and Eleonore 1.8.91.

In addition, SERT said that the majority of malware--67 percent--is not detected by the majority of anti-virus or anti-malware software, and roughly 30 percent of the samples were traced back to JavaScript malware variants used for redirection, obfuscation, and encryption, which are all used with the BlackHole exploit kit.

  • Exploits?

    It takes an education to write computer code. Education costs money. Exploits are a source of money. So, exploits generate the need for education and education leads to crime. So, education is bad therefore it's better to be a fundamentalist living in a mud hut in some sh!t hole because your lack of education only warps your mind and not some random computer. To sum up; education leads to cyber terrorism, ignorance leads to explosive terrorism but total apathy leads to oblivious happiness and one thing always leads to another. At the bottom of these philosophies is a lump of hamburger weighing about two and a half to three pounds that makes all your decisions for you. You call it a brain but it's just a blob of burger bits and it dreams up some weird stuff.
    • Wow! feeling depressed today bub?

      Have a couple of frosty's and call me in the morning if you're not feeling better....

    • Maybe the point is that Russia has few opportunities for those educated?

      Maybe there are a lot of talented Russians with little to do, and with 85+ years history of authoritarian regimes, little ethical input. Really a shame, as it would help the world so much if that talent pool was producing something useful, rather than working in crime, and costing the rest of the world more in reduced productivity and higher prices. Can't really undo education, you know!
  • Errr......

    26 exploits ain't much.