February 2, 2006 4:24 PM PST

Russian hackers hawked Windows exploit for $4,000

Related Stories

AMD forums laid low by Windows exploit

January 30, 2006

180solutions upgrades security

December 6, 2005
Competing hacker groups in Russia were peddling the exploit code responsible for the Windows Meta File attacks last December for $4,000, according to security company Kaspersky Lab.

"One of the purchasers of the exploit is involved in the criminal adware/spyware business," read a Kaspersky Lab quarterly report released this week. "It seems likely that this was how the exploit became public."

The WMF flaw unsettled security experts after they found that the virus-writing community discovered the vulnerability before they did. A slew of Trojan programs were written to try and take advantage of the exploit. The British Parliament was attacked by hackers who tried to exploit the WMF flaw.

MessageLabs, an e-mail filtering provider for the U.K. government, said last month that targeted e-mails were sent to various individuals within government departments in an attempt to take control of their computers. The e-mails contained the exploit code.

A statement on the Kaspersky Lab site said more than a thousand instances of malicious code were detected in a week. "As the vulnerability was present in all versions of Windows, the situation threatened to spiral out of control."

According to Kaspersky, the situation was mitigated by the holiday season, when Internet use was much lighter than normal.

When the corrupt WMF files finally came to the attention of anti-spyware experts, they were traced back to Web sites known to spread advertising software surreptitiously to computers.

Security companies have lamented the practice by some Web advertisers of paying others to distribute their software. Some of the more unscrupulous among those are in the business of distributing exploits that let them spread adware without the knowledge of computer users.


Join the conversation!
Add your comment
So far, the Russians don't care.
Everyone knows that a great deal of the bad stuff that's designed to cripple systems comes out of Russia. Why is it that their gov't does absolutely nothing about it. It's kind of like China "pretenting" to stop the manufacturing and sale counterfeit products. It's not happening.

The Russian gov't doesn't care about it.
Posted by Dead Soulman (245 comments )
Reply Link Flag
What difference does it make where it comes from?
If your stupid enough to download or keep your machine unprotect or run windows, its your fault.
Posted by baswwe (299 comments )
Link Flag
That's not a very good deal!
Microsoft sells this exploit for under $300.00, to anyone, on a daily basis.
Posted by Muddleme (99 comments )
Reply Link Flag
$150 for XP Pro gets you thousands of gaping security bugs, application hangs and generally unusable garbageware. Thanks Bill you're such a buddy.
Posted by nothingavailable (53 comments )
Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.