[ISN] Researcher shows how to strike back at web assailants

From: InfoSec News <alerts_at_private>
Date: Fri, 18 Jun 2010 00:48:45 -0500 (CDT)
http://www.theregister.co.uk/2010/06/17/exploiting_online_attackers/

By Dan Goodin in San Francisco
The Register
17th June 2010

A security researcher has disclosed details on more than a dozen 
previously unknown vulnerabilities that people responding to web-based 
attacks can exploit to strike back at online assailants.

The bugs reside in off-the-shelf crimeware kits that go by names such as 
Eleonore, Liberty, Neon, and Yes. Attackers install them on compromised 
websites to streamline the process of exploiting unpatched 
vulnerabilities on the PCs of people who visit them.

It has long been known that some of the exploit kits are themselves 
susceptible to attacks, and on Thursday Laurent Oudot, CEO of French 
security consultancy Tehtri-Security, detailed 13 bugs that can be 
exploited to turn the tables on the criminals running the software. They 
make it possible for law enforcement agents and other investigators of 
online attacks to destroy command and control servers, identify the 
miscreants, and in some cases even launch client-side attacks against 
the intruders.

"The offensive concepts that we've shown today were how to strike back 
at attackers who use evil web tools like Exploit Packs, Web backdoors, 
etc.," Oudot told The Register in an online discussion a few hours after 
he made a presentation at the SyScan security conference in Singapore. 
"Basically, we explained that it is possible to create traps or to 
remotely attack the malicious web tools used by people controlling 
botnets."

[...]


Received on Thu Jun 17 2010 - 22:48:45 PDT
