Neosploit, a crimeware kit thought by some security experts to have been retired, has reared its ugly head again, and may have been used in one of the biggest organized crimeware attacks in history.  Ian Amit, a security researcher investigating the possible resurrection of the notorious kit, discovered a server hosting the login credentials of more than 200,000 servers in more than 86 countries around the world.  According to Amit, he has uncovered evidence suggesting that 80,000 legitimate web sites from dozens of countries have been infected with the malware, which in turn infect visitors to these sites with various Trojans and other malware.

Last April, the neosploit development team had announced that it was discontinuing support and development of the kit, despite the success of the “product,” citing concerns with the ongoing viability  of the business.  Now it appears that this statement was a ruse designed to buy the gang some time to perfect the next release of the kit.  The latest discoveries by Amit and his crew indicate that a new version was used to compromise the data of millions of users across hundreds of thousands of systems.  These include major overseas weapons manufacturers, the U.S. Postal Service, Fortune 500 companies, universities, and government departments.

Amit is working with US-CERT (a department of Homeland Security) as well as other local and international law enforcement agencies to investigate and shut down the servers operated by these criminals, and to notify and work with infected enterprises to clean up their systems.

Author: Christopher

(1 votes, average: 5.00 out of 5)

 Loading ...