Russian hacker groups sold exploit code for the WMF flaw in early
December, well before vulnerability research companies caught wind of
the problem, mounting evidence suggests.
A two-week window separated the development of the exploit and the
discovery of suspicious activity, according to an eWeek article. During
these two weeks the exploit code was available on underground websites
-- at a cost of $4,000.
Details regarding the first release of the exploit are still being
discovered; however, the eWeek article mentions an early relationship
with a stock pump-and-dump scheme, where the WMF flaw was used quietly
for quick financial gain.
A BugTraq posting in late December was the first to show a website
actively exploiting the WMF flaw, and the flurry of activity that followed
sent the security community into overdrive -- over one thousand
malicious WMF files were detected in the days following the post.
Source: http://www.securityfocus.com/brief/126