• E-mail
• Print
• Comment
• Font Size
• Digg
• del.icio.us
• Discuss article

Cyber-Crooks Offer Malicious Code Tool Mpack for $1000 Including One Year Free Support

Posted on: Thursday, 21 June 2007, 12:00 CDT

GLENDALE, Calif., June 21 /PRNewswire/ -- PandaLabs has discovered that as many as 350,000 web pages could be infected by Mpack, a malicious application that searches out vulnerabilities on computers accessing those web pages. If Mpack detects a vulnerability, it downloads the corresponding exploit.

The infection process starts with a hacker accessing a web page and adding an iframe reference pointing to the server with Mpack installed. If a user then visits one of these pages, the iframe executes the Mpack index. This then searches for vulnerabilities on the user's computer. If it detects one, it downloads the corresponding exploit.

The exploit, once it reaches a computer, is run and compiles data about the infected computer (browser, operating system, etc.). This information is then sent to and stored on a server. PandaLabs has located 41 servers receiving this data. From these servers the cyber-crooks can generate statistics about the type of operating system or Web browser on affected systems or the number of infections in a given area.

The new 0.90 version of Mpack is available for purchase on the web for $1000. The cyber-crooks even offer one year's free support. Hackers that want to update Mpack with new exploits can buy them for between $50 and $150 per exploit.

Hackers use a number of techniques to get users to visit the pages, including spam, using trick domains (e.g. gookle, instead of google,) or infecting pages that already receive numerous visits.

PandaLabs has published a complete study of Mpack available at: http://blogs.pandasoftware.com/blogs/images/PandaLabs/2007/05/11/MPack.pdf There is also further information in the PandaLabs blog.

All users that want to know whether their computers have been attacked by this or other malicious code can use TotalScan or NanoScan beta, the free, online solutions available at: http://www.infectedornot.com/.

About PandaLabs

Since 1990, its mission has been to analyze new threats as rapidly as possible to keep our clients safe. Several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), work 24/7 to provide global coverage. To achieve this, they also have the support of TruPrevent(TM) Technologies, which act as a global early-warning system made up of strategically distributed sensors to neutralize new threats and send them to PandaLabs for in-depth analysis. According to Av.Test.org, PandaLabs is currently the fastest laboratory in the industry in providing complete updates to users. More information at http://www.pandasoftware.com/pandalabs and the PandaLabs blog (http://blogs.pandasoftware.com/).

Available Topic Expert(s): For information on the listed expert(s), click appropriate link. Ryan Sherstobitoff http://profnet.prnewswire.com/Subscriber/ExpertProfile.aspx?ei=62082

PandaLabs

CONTACT: Kari Wise, Vice President Public Relations Panda USA,+1-818-543-6922, kwise@pandasecurity.com

Web site: http://www.pandasoftware.com/

Source: PRNewswire

More News in this Category