News
Virus Bulletin: ’Beta’ new exploit kit on the block
June 2015 by Virus Bulletin
Virus Bulletin has published a paper by researchers Aditya K.
Sood and Rohit Bansal, in which they look at the ’Beta’ exploit kit, which has recently started being sold in underground markets.
The researchers obtained access to a Beta command and control panel and were thus able to learn details of the exploit kit, including its price, the structure of the URLs it uses, and the exploits that are being used.
In line with a trend seen in other exploit kits, Beta’s main focus is on exploits in Adobe’s Flash Player. It also checks domains and executables against detection by anti-virus engines.
Another researcher has found what is almost certainly a different version of the same exploit kit, which has been dubbed ’Sundown’.
By publishing details of this exploit kit, Virus Bulletin and the paper’s authors hope to raise awareness of its existence, which could help with swift detection as soon as it starts to be used more widely.
The paper, ’Beta exploit pack: one more piece of crimeware for the infection road!’ can be browsed online at https://www.virusbtn.com//virusbulletin/archive/2015/06/vb201506-Beta-BEP
in HTML-format, or downloaded as a PDF from https://www.virusbtn.com/pdf/magazine/2015/vb201506-Beta-BEP.pdf
(both links can be shared freely).
