Have you ever wanted to be your own hacker, using exploits to infect other people’s machines? An application can be purchased, for those ‘wanna-be’ hackers, at the initial cost of $1000 plus an additional $50-100 per exploit. Purchase today and receive a year of free technical support.

The software/application is known as Mpack, first discovered by PandaLabs in December of 2006, which comes in the form of PHP script, runs remotely on web servers, and comes with one year of free support.

Mpack is set up on websites where it sits, statically, waiting for a victim to access the page. Users are drawn to the web pages through spam, trick domains (e.g. Microsof.com, instead of Microsoft.com) and are set up on domains that already receive a high number of visitors.

Once a user visits the site, Mpack searches for vulnerabilities on the machine, and, if found, downloads the corresponding exploit where it is run on the user’s machine.

Mpack collects data on the infected computer and sends all relevant information to remote servers; PandaLabs has currently discovered 41 of these data retention severs.

From these servers, the hackers can then access information and statistics on the infected systems such as IP addresses, location, operating system, and browsers, much similar to a management system for tracking visitors to a website.

PandaLabs has published a complete study on Mpack, and further information including how to avoid such an attack can be found in the PandaLabs blog.

Related:

Entry was posted on Thursday, June 21st, 2007 at 2:43 pm under Security.

Read more entries by George Gardner.
Stumble It!