The distributors of Neosploit, one of the more dangerous drive-by download exploit kits on the Internet, have shut down operations because of financial problems, according to malware researchers at RSA FraudAction Research Labs.
In a blog entry, the company said it found evidence that Neosploit will no longer be supported (yes, the do-it-yourself malware installation kit comes with terms of service and customer support!) and will not feature any new exploits.
Here's a rough translation of the shutdown announcement, which was posted on a Russian Web site:
"Unfortunately, supporting our product is no longer possible. We apologize for any inconvenience, but business is business since the amount of time spent on this project does not justify itself.
We tried hard to satisfy our clients' needs during the last few months, but the support had to end at some point. We were 1.5 years with you and hope that this was a good time for your business.
Now we will not be with you, but nevertheless we wish that your businesses will prosper for a long time! Good luck all, The Neosploit Team!"
Neosploit was notorious for being very aggressive about adding new exploits for vulnerabilities and was considered the the most advanced infection kit used by online criminals. From a bad guy's perspective, it was considered reliability, scalable and efficient, even offering GUI-based features for tracking malware infections by OS, browser version or country.
According to the RSA research team, the Neosploit creators ran a successful business selling the kit to malware purveyors but things have apparently gone downhill:
In mid-July, however, evidence showed that Neosploit's successful business was running into problems. It is likely that Neosploit was finding it difficult to sustain its new customer acquisition rate, and that its existing customers were not generating enough revenue to sustain the prior rate of development. These problems appear to have been too much of a burden, and we now believe that the Neosploit development team has been forced to abandon its product.
If this shutdown is for real, it is good news for computer security but it's certainly not only malware installation kits available for sale online. Neosploit competed with others like IcePack, Black Sun, Cyber Bot, Mpack and Zunker.