Cyber criminals have a 10 per cent success rate

gallery

At least one in 10 machines are susceptible to malware, according to security specialist AVG.

A mere 165 domains have managed to infect 1.2 million machines by using an exploit toolkit called Eleonore. The exploits were tracked by AVG in a study involving around 12 million attempted infections.

Eleonore looks for certain unpatched vulnerabilities in browsers, Adobe Acrobat Reader and Sun Java’s JVM. Once found, the toolkit can be used to infect the computer with malware that can steal data. The cyber criminals can also auction access to the PC in online black markets. This allows other criminal groups to set up botnets of considerable size for launching denial of service attacks.

An antivirus research team noticed an increase in the use of Eleonore through the anonymous data AVG gathers through its antivirus software. When the software is installed, the user can opt to send data to AVG and many do. 165 domains seemed to be showing much more activity and were prime targets for a bit of reverse hacking.

The data was gathered by exploiting a flaw in Eleonore itself which allowed the team to place a bit of reporting code into Eleonore. This allowed statistics to be compiled on the success of each attack and which particular vulnerability the toolkit found.

One in 10 computers succumbed to the charms of Eleonore and, according to AVG’s white paper, the main weakness was Microsoft Internet Explorer 6.

“It is of no surprise to find out that cyber gangs are becoming far more sophisticated and ruthless in their pursuit of making money from their criminal activities but what our recent research at AVG shows is that some of the tools to help them do this have become much more accessible," said J R Smith, AVG's chief executive in his blog,

The researchers concentrated on one toolkit but the chilling fact is that there are dozens more out there doing the same thing.

Email to a friend

Print this page