News Advanced Threats

The 5 Coolest Hacks Of 2012

Kelly Jackson Higgins

See more from Kelly

Connect directly with Kelly: Bio | Contact

Nothing was sacred -- the nation's airspace, home power meters, videoconferences, and, in an ironic twist, popular cybercrime tools

Kelly Jackson Higgins December 27, 2012

4. RATs With Bugs
Remote access Trojans/tools -- a.k.a. RATs -- are a cybercriminal's best friend. These remote administration tools help bad guys spy on and wage targeted attacks. A pair of interns for Matasano Security discovered that some popular RATs can actually be exploited to help turn the tables on the attackers behind them.

DarkComet, Bandook, CyberGate, and Xtreme RAT, which are used to exploit victims, can be exploited themselves, according to Shawn Denbow of Rensselaer Polytechnic Institute and Jesse Hertz of Brown University, both undergraduate computer science students now in their senior year. The researchers found that the RATs contain flaws common in mainstream software, such as SQL injection, arbitrary file reading, and weak encryption.

More Security Insights

White Papers

More >>

Reports

More >>

Webcasts

More >>

RATs typically conduct keylogging, screen and camera capture, file management, code execution, and password-sniffing. But it turns out these tools can be just as vulnerable as the systems they target. "This shows that it is possible, and that it's not hard, to pick apart attacker tools and come up with proactive defenses against them," says John Villamil, senior security consultant with Matasano, who was Denbow and Hertz's adviser for the project. "If nothing else, it can help forensics companies analyzing traffic from compromises ... and help build tools that analyze these Trojans, and provide signatures [to detect them]."

At a time when offensive defense is becoming the new battle cry, the concept of poking holes in black hat tools is attractive. But hacking back remains taboo.

The researchers released homegrown tools that decrypt RAT traffic and proof-of-concept exploits for the bugs they found. Most RATs include weak encryption, or no encryption at all, they found.

"The people using those tools either don't realize how weak they are, or they don't care," Villamil says. The bottom line is that RATs are powerful cyberespionage and other persistent attack tools.

Page 6:
« Previous Page | 1 | 2 | 3 | 4 | 5 | 6 | Next Page »

Kelly Jackson Higgins

See more from Kelly

Connect directly with Kelly: Bio | Contact

Dark Reading Discussions

Start the Discussion

To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.

Follow Dark Reading

Dark Reading Reports

Advanced Persistent Threats: The New Reality

For most organizations, the imminent danger that advanced persistent threats pose has been relatively low. That's changing as attackers' target base widens, their knowledge grows and their cyber weapons trickle down to the hacker masses. In this Dark Reading report, we examine the current APT landscape and provide recommendations for protecting your organization against this growing concern.
Trends In Mobile Device Threats

While there's some debate about the level of threat mobile devices pose, there's no question that the threat is growing. With readily available information about the devices in use, and often few corporate safeguards in place, mobile devices are turning out to be a lucrative vector for attackers looking for an in to enterprise networks. In this Dark Reading report, we explain how the threat is growing, what attackers are targeting and why you need to be concerned.
Heading Off Advanced Social Engineering Attacks

Social engineering attacks are getting increasingly sophisticated, but there's only so much the law and technology can do to protect your organization. In this Dark Reading report, we detail how a social engineering attack is developed and what IT professionals can do to prevent their users from being targets and victims.

Other reports from the Advanced Threats Tech Center:

Related Content

Sponsored by

The Rising Threat of Corporate Cybercrime: Cybercriminal Motives and Methods

Cybercriminals are leveraging vulnerabilities of the Internet, browsers, operating systems, and applications to secretly and proficiently gain access to corporate information assets. Compromising employee endpoints with malware has become the preferred method; a far simpler path into the corporate network than a direct network attack. Our latest white paper discusses the cybercriminal motives and methods, and presents the need for Enterprises to recognize this growing danger and implement technologies that effectively prevent malware, the root cause of cybercrime.
Evolving Endpoint Malware Detection, Dealing with Advanced and Targeted Attacks

Advanced malware targeting employee endpoints is a major threat to corporate intellectual property, regulated data and financial assets. Perimeter and traditional endpoint defenses are struggling to meet this emerging threat in the face of a changing IT landscape: desktop virtualization, remote access, BYOD and Cloud migration. This whitepaper explains how advanced malware challenges traditional defenses to take advantage of the increased exposure of employee endpoints. It review's the evolution of advanced targeted attacks, the various approaches used to address them and how organizations should think about their current and future malware defense strategy.
Zero-Day Exploits and APTs: Security Requirements vs. Operational Challenges

Enterprises are losing the battle against advanced, information-stealing malware attacks. We continuously discover new application vulnerabilities which are quickly exploited by cybercriminals. Traditional blacklisting solutions don't work, and more advanced whitelisting-solutions are unmanageable. How do you overcome the manageability and operational challenges of advanced malware protection?

In this webinar, guest speaker Rick Holland, senior analyst serving Security & Risk Professionals at Forrester Research, Inc., will discuss the security and operational challenges associated with advanced malware protection. Rick will review the technical and operational requirements organizations should consider when looking to prevent and mitigate advanced malware. Dana Tamir, Director of Product Management at Trusteer, will then introduce Trusteer Apex which applies a new groundbreaking approach for stopping zero-day exploits and data exfiltration.

Free Research and Reports

What's this?From the Editors of DarkReading

More >>

Box Icon

Whitepapers

What's this?

More >>

Box Icon

Dark Reading Digital Magazine

Back Issues

In This Issue

How Hackers Fool Your Employees: People are your most vulnerable endpoint. Make sure your security strategy addresses that fact.
Not All Or Nothing: Effective security doesn't mean stopping all attackers.

Download Now

First Name*:
Last Name*:
Email Address*:
Job Title:
Company/Organization/Gov't Dept.:
*Required field
Privacy Statement

Security

Protect The Business - Enable Access

News Advanced Threats

The 5 Coolest Hacks Of 2012

Nothing was sacred -- the nation's airspace, home power meters, videoconferences, and, in an ironic twist, popular cybercrime tools

More Security Insights

White Papers

Reports

Webcasts

Related Reading

Dark Reading Discussions

Start the Discussion

Follow Dark Reading

Dark Reading Reports

Advanced Persistent Threats: The New Reality

Trends In Mobile Device Threats

Heading Off Advanced Social Engineering Attacks

Sign up for the Dark Reading Daily email newsletter

Free Research and Reports

Whitepapers

Upcoming Events

Dark Reading Digital Magazine

In This Issue

News Advanced Threats

The 5 Coolest Hacks Of 2012

Nothing was sacred -- the nation's airspace, home power meters, videoconferences, and, in an ironic twist, popular cybercrime tools

More Security Insights

White Papers

Reports

Webcasts

Related Reading

Dark Reading Discussions

Start the Discussion

Follow Dark Reading

Dark Reading Reports

Related Content

Dark Reading Newsletter

Sign up for the Dark Reading Daily email newsletter

Free Research and Reports

Whitepapers

Upcoming Events

Dark Reading Digital Magazine

In This Issue