Softpedia
 


February 8th, 2011, 18:27 GMT · By

New Eleonore Exploit Kit Version Adds 0-Day Exploit



New version of the Eleonore attack toolkit released
Security researchers warn that a new version of the Eleonore exploit kit has been released on the black market and targets a 0-day vulnerability.

Eleonore is one of the most popular and sophisticated drive-by download attack kits used by cybercriminals to infect people with malware.

Like most tools of this kind, the kit features advanced obfuscation, multiple exploits and a control panel providing statistics about victims.

Drive-by download attacks have become one of the primary methods of distributing malware on the Internet.

Hackers exploit vulnerabilities in legitimate websites to insert rogue code that, in the background, loads exploits targeting the most popular applications.

According to Threatpost, the new version of Eleonore was released sometime on Monday and costs around $2,000, which is a high price for an exploit kit.

"Exmanoize [Eleonore's author] seems to have released a new version of his exploit pack today, adding an 0day, some exploits, and research-resistant functionality to rev his highly priced pack.

"Groups have been using this pack to deliver client side exploits and malware payloads across the net. We’ll be watching for more high profile attacks from these groups using his pack," said Kurt Baumgartner, senior security researcher at Kaspersky Lab.

It's not yet clear which 0-day vulnerability is being targeted by the new Eleonore version, but the Internet Explorer CSS vulnerability is a strong candidate.

The remote code execution flaw was discovered in December, and proof-of-concept exploit code that bypasses ASLR and DEP has already been created.

The vulnerability was a zero-day on Monday when this Eleonore version was released, but Microsoft has since released a patch as part of its MS11-003 Security Bulletin.

Users are strongly advised to keep their applications and operating systems up to date in order to avoid falling victim to drive-by download attacks. Running a capable antivirus program with a Web protection component is also critically important.
