In this paper we report a preliminary analysis of the source code of over 30 different exploit kits, which are the main tool behind drive-by-download attacks. The analysis shows that exploit kits make use of a very limited number of vulnerabilities, and do so in a rather unsophisticated fashion. Their key strength lies instead in their ability to support "customers" in avoiding detection, monitoring traffic, and managing exploits.