MPack exploit kit creator speaks

Summary: In the interview, presented from multiple IRC conversations and edited/reordered for clarity, SecurityFocus reporter Rob Lemos peeks behind the dark curtain of exploit writing and the lucrative underground market that exists for critical software vulnerabilities.

SecurityFocus.com reporter Rob Lemos has a fascinating interview with one of the developers of MPack, the exploit kit used in thousands of drive-by malware attacks.

In the interview, presented from multiple IRC conversations and edited/reordered for clarity, Lemos does a nice job of peeking behind the dark curtain of exploit writing and the lucrative underground market that exists for critical software vulnerabilities.

Some excerpts from the interview:

On acquiring exploits to fit into MPack:

For our pack, there are two main methods of receiving exploits: The first one is guys sending us any material they find in the wild, bought from others or received from others; the second one is analyzing and improving public reports and PoC (proof-of-concept code). We sometimes pay for exploits. An average price for a 0-day Internet Explorer flaw is US$10,000 in case of good exploitation.

On a possible link with WebAttacker (a similar exploit pack):

I know the WebAttacker team. We are friends. I was talking to WebAttacker's manager recently and he told me that they are going to start the real WebAttacker 2 pack in the near future. Referring to MPack as WebAttacker 2 is a mistake. They are two different projects.

On protecting against MPack exploits:

I would advise you to use the Opera browser with scripts and plug-ins disabled in order not to be caught by the MPack someday.

The entire two-page interview over at SecurityFocus is worth reading.


About

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content managem...
