
Edited by Christian Lowe | Contact

Professional Cyber Arms Dealers


Software used for years by hackers and criminals has now become mainstream and, as we have mentioned before, hacking and cyber crime have been professionalized. As such, tool kits that enable these activities have been packaged for sale and wide dispersion across the Internet. These cyber attack tool kits make it possible to automate hacking, espionage, fraud, and much more. These top hacking tools are now being sold for prices ranging from less than $100 up to $50,000.

And you won’t believe this: The most advanced packages come with customer service/support. In at least one case the package includes 12 months of technical support and updates to ensure the kits stay up to date on the latest web vulnerabilities.

Arguably the most advanced hacker tool kit is MPack. According to Intelomics, MPack is a PHP-based malware kit with high-quality key-logging capabilities that sells for between $500 and $1,000 USD; the first version was released in December of 2006. It is believed to have been produced by RBN, a multi-faceted cybercrime organization, and appears to come with support and monthly updates.

RBN and their support units provide scripts and executables to make MPack undetectable by antivirus software. Every time MPack is generated it looks different to the anti-virus engines, and it often goes undetected. Separating the delivery platform from the malicious instructions into modules is a growing design trend in cyber weapons. MPack is very popular and powerful. In June 2007, it was used by a single person to attack and compromise over 10,000 websites in a single assault.

FACT: In 2007 a new piece of malware was identified every 45 seconds.

These tools have become commonplace and are quite affordable. Paul Henry, VP at Secure Computing, estimates there are currently about 68,000 cyber attack tools available for download, and the number is growing fast. In some cases these tool kits are sold under the heading of "Penetration Testing Products," a legitimate and useful product.

However, the automation that enables multi-site scanning and intrusion would have very little applicability in the real security testing world. Experts have estimated that the underground market for cyber attack tools is in the hundreds of millions of dollars worldwide.

Note: MPack should not be confused with mpack, which is a harmless command-line utility.

Common Cyber Weapons and Attack Tools:
MPack, SQLNinja
Shark 2, WFuzz
Nuclear, ProxyStrike
WebAttacker, Wireshark
IcePack, httpRecon
John the Ripper, Exploit-Me
USB thief, Burp
Kismet, Metasploit

Cyber Attack Tool Web Sites
http://www.ethicalhacker.net
http://www.metasploit.com
http://www.hackerscatalog.com/Products/Deal_Steals/index.html

-- Kevin Coleman

Comments

Arthur, I am afraid there is so much Microsoft out there it is too late to ban it.

But being from Netscape, I do like the way you think!

Posted by: Kevin at April 29, 2008 08:34 PM


Don't you see the trend? Half a million _IIS_ servers attacked, a new virus every 45 seconds (for _Windows_), etc., etc. The easiest solution would be to ban all Microsoft products. Better yet, have some regulation in place to ensure that system admins have _some_ brains. The truth is, most of these problems are caused by people going into a field which they have no interest in. Subsequently, they do a poor job at securing their employer and things like this happen.

The other problem is of course Microsoft Windows. It's really sad that this poorly put together Operating System has created an entire world of criminal activity that relies on botnets made available by your friendly neighbourhood Windows computers. A repository system for software installation (similar to what Linux has used for years) is one great way to avoid social engineering attacks. However, the real problem is that you have one giant, poorly coded OS for a target and a company that doesn't push out patches very quickly. This leaves huge, gaping security holes that hackers continually exploit.

Posted by: Arthur at April 28, 2008 09:49 PM


RIGHT AGAIN!

For all you critics of Mr. Coleman's blogging on here, you should be eating your words AGAIN! 500,000 IIS machines got attacked based on a vulnerability that was acknowledged by Microsoft on April 15th. This is the type of attack that Kevin spoke of in his April 21st Cyber Holes in your Software posting. The attack began just three days after his post. Kevin Coleman has proven himself as one of the world's top Cyber Warfare Strategists. I am so glad he is on our side.

Read http://www.internetnews.com/security/article.php/3742926/HalfMillion+IIS+Servers+Hit+in+Cyber+Attack.htm

Posted by: Uncercover at April 27, 2008 05:21 PM


I just found that the DHS listed "hardware sabotage" as a threat and an initiative they have for this year! How right you were.

Working towards a stronger supply chain defense to reduce the potential for adversaries to manipulate IT and communications products before they are imported into the U.S. To address this challenge, the Federal Government is exploring protections into our federal acquisition process and developing a multi-faceted strategy to reduce risk at the most appropriate stage of the IT and communications product lifecycle.

Posted by: Brad at April 27, 2008 12:41 PM


Well, I found an article about the German law. I found a lot in German, but this one is in English.

http://blogs.techrepublic.com.com/networking/?p=263

Thanks to the poster who talked about this.

Posted by: Kevin at April 25, 2008 06:48 PM


A good Hacker Tool List

http://www.jnetworld.com/tools.htm


Also you need to realize most hacking is to establish a source of information, not to harm the system!

Posted by: Spyguy at April 25, 2008 06:05 PM


Kevin and Spy Guy are right! One man's tool is easily another man's weapon.

Anyhow the best hacking tools I don't think Kevin would ever list or provide info on how to get them.

Posted by: Terry at April 25, 2008 05:56 PM


LOOK THIS IS REAL SIMPLE

This is guerilla warfare. In the modern era, guerilla warfare refers to resistance by irregular groups toward a traditional large formal force. Guerilla warfare also describes a set of tactics employed by smaller forces against larger, better equipped, and better supplied forces. They use, adapt and modify whatever they have at hand to attack the larger, better equipped force.

Maybe I am way too involved in the cyber war that is going on. Just yesterday 500,000 IIS servers were attacked. But the message seems clear to me. This is all-out guerilla warfare and the enemy will use whatever they can to accomplish their mission. If you would have read the article about what types of "hacker tools" Germany made illegal, you would have said you have to throw out all your administrative software. Here are some of my favorite hacking tools. All would be illegal as I read the law in Germany.

Coldlife 4.0
DeCSS 1.2b
FPort 1.33
NMap Win 1.2.12
John the Ripper 1.6
PCHelps Network Tracer
TCPIP Protector Pro 7.18
IntelliTamper
Deleted File Analysis Utility
WebMail Spy
Bluescan
Blue Sniff
WinWhatWhere
W32.Bugbear.B KeyLogger
Free Scratch and Win
Generic_KeyLoggerMB ShellSpy
Tofger-A
SafeSurfing
Black Box
Iopus Starr Pro Key Logger

Real "hackers" use commonly available diagnostics and other admin utilities.

Open your eyes

Posted by: Spy Guy at April 25, 2008 05:34 PM


Since the list seems to be distracting from the point of the matter, let me try to shed some light on how it came about.

Think DUAL PURPOSE

1. First of all, sys admin tools are being dual purposed.

2. The list was compiled based on actual attacks we have been involved with, experienced or seen over the last three years. If the tool does not appear on the web, I am not overly concerned because that was the tool/attack code we discovered.

The point is that organizations are and have turned common admin tools into attack tools.

Posted by: Kevin at April 25, 2008 05:17 PM


Yeah, some of these "Cyber Weapons and Attack Tools" come with common Linux distributions because they have valid uses. No one is going to be trying to compromise a DoD mainframe with Wireshark.

Posted by: Maurs at April 25, 2008 12:36 PM


Fixed, Chris...thanks.

Posted by: Christian at April 25, 2008 11:36 AM


I'm not disagreeing with the article, but the list is very misleading. For instance, a simple web search shows there are no products named "WebAttacker Wireshark" or "IcePack httpRecon" or "USB thief Burp", just to name a few.

I'm sure the list was just mis-printed (at least I hope it was).

To continue my gripe of this list of "tools"...many are legitimate tools that, if used properly, could prevent many of the attacks out there today. The sad thing is that most developers and testers don't know about them or use them in their practice.

On that note, I think it would be best to separate the list into two different lists, one for legitimate tools and one for malware packages.

Posted by: Chris at April 25, 2008 09:13 AM


Some of those tools are far from "hacker" tools, but much more commonly used by sysadmins and others.

Wireshark, for example, is a network traffic capture package, and the best tool for debugging your own network.

John the Ripper is a bulk password cracker. It is considered good practice as a sysadmin to crack your users' passwords to ensure that others can't.

Kismet is an 802.11 sniffer/utility.

Metasploit is a meta toolkit. It is a toolkit for writing exploits (thus the name "metasploit").

Putting these tools in the same category as MPack is, IMO, not the best in the world.

Posted by: Nicholas Weaver at April 25, 2008 08:44 AM

