[funsec] Newsmaker: DCT, MPack Developer

Paul Ferguson fergdawg at netzero.net
Fri Jul 20 16:31:51 CDT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Via SecurityFocus.

[snip]

In June 2006, three Russian programmers started testing a collection of PHP
scripts and exploit code to automate the compromise of computers that visit
malicious Web sites.

A year later, the MPack kit has become an increasingly popular tool,
allowing data thieves and bot masters to take control of victims' systems
and steal personal information. The MPack infection kit has been blamed for
hundreds of thousands of compromised computers. And, it's malicious
software with a difference: The creators have offered a year of support to
those clients from the Internet underground who purchase the software for
anywhere from $700 to $1,000.

In late June, SecurityFocus answered an online advertisement for the MPack
infection kit, sending an ICQ message to the identifier listed in the ad. A
few days later, a person contacted SecurityFocus through ICQ and identified
themselves as "DCT," one of the developers of the MPack infection kit. What
follows is the result of two weeks of interviews that took place in late
June and early July.

[snip]

More:
http://www.securityfocus.com/news/11476

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.2 (Build 2014)

wj8DBQFGoSnEq1pz9mNUZTMRAtphAJ0RCZ4qs+yySxaMuranghGiQ1TOSwCgy/Ek
8qTtbc72z+WldoQoTt/SzVo=
=7RJC
-----END PGP SIGNATURE-----


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/




More information about the funsec mailing list