Among the various exploit kits for sale out there it seems there is one that aspiring cyber crooks can use for free.
Researchers from M86 have stumbled upon it by chance, and intrigued by the “K0de.org Open Source Exploits” phrase on the bottom on the page, they used it to search out the phrase across the Internet.
What seems to be a post on an private hacker forum by none other than the toolkit’s original author popped up instantly. If legitimate, the post reveals that this “K0de Sploit pack” is actually an improved clone of the ever-so-popular Eleonore exploit kit.
“As you can see it’s pretty much elenores lay out with a few touch ups & very badly made paint buttons. I’ve only been working on this for 2 hours or so, so please keep that in mind and I plan to add a lot more onto it in the coming days, so keep an eye out for news,” says the author in the post.
He says that he he tested the kit on Windows-running PCs and that the improvements have brought about a 3.5% rise in infection compared to Eleonore. Also, that most infections were the result of successfully exploited Microsoft Data Access Components (MDAC) and IE vulnerabilities.
He says he has fixed up Chrome and Firefox exploits which didn’t work before, but also asks other malware authors to join the fray and help with updating exploits – I guess this is where the kit earns its “open source” moniker.
Along with the kit, the page hosting it also contains a list of anonymous proxy servers and a dozen of stolen credit card numbers and additional information. The researchers say the forum deleted the post and Google removed it from their search results when notified about it.