Hackers update malware tool kit, add first zero-day attack code

A new version of the IcePack hacker exploit tool kit has been released, security researchers warned today, and for the first time it includes attack code designed to exploit an unpatched, or zero-day, Microsoft vulnerability.

Three of IcePack's eight exploit tools are new, said Roger Thompson, chief technology officer at Exploit Prevention Labs Inc. That's noteworthy in and of itself, Thompson said. "The mix of old and new exploits is to be expected, but three new ones in one update is pretty impressive," he noted.

But the new tool kit also sports a first. "The latest iteration has done something original," said Thompson, pointing to an exploit that attacks a zero-day vulnerability in Microsoft's DirectX software development kit (SDK)

"The closest to a tool-kit zero-day exploit [before] was for the ANI [animated cursor] vulnerability."

He was referring to a Windows bug that surfaced in early April. By the time that Mpack, an IcePack predecessor, added the ANI exploit, however, Microsoft had patched the vulnerability with an emergency out-of-cycle update.

 

Sourcs:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9035659&source=rss_topic85

Trackbacks

Trackback URL for this entry is: http://blog.case.edu/lou.changeri/mt-tb.cgi/15332

Comments

Post a comment





If you have entered an email address in the box, clicking this checkbox will subscribe your email address to this entry so that you are notified if any updates or additional comments occur on the entry.