All the latest UK technology news, reviews and analysis

Experts warn of 'Tornado' hacker tool

by Shaun Nichols

More from this author

23 Apr 2008

Be the first to comment

  • Tweet this
Hacker
The 'Tornado' malware offers attackers a full set of traffic statistics

Security researchers have discovered a new web-based attack tool which exploits up to 14 browser vulnerabilities and installs malware on the user's system.

Symantec researcher Liam O'Murchu said that 'Tornado' is commonly installed on a server by a single 'administrator', who then offers accounts on the server to other attackers.

Further reading

The attackers then inject code into other web pages to redirect users to the Tornado server, where the exploit and malware installation is conducted.

"Perhaps this is why the code for this pack has stayed private for so long," said O'Murchu.

"Using this model, the creators of the pack can sell it to a few trusted customers at a higher price, rather than selling it to many untrustworthy customers and risking the code being released in the underground."

Tornado also offers attackers a full set of traffic statistics and options for selecting which exploits can be conducted.

The malware features an option to redirect repeat visitors to a phoney 'account suspended' page.

This helps the tool to evade security researchers who will make repeated visits to infected pages in order to study the exploits and malware in use.

Programs such as Neosploit and MPack offer similar capabilities to set up servers that can conduct multiple exploits against users.

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

data-security-key

Thousands of public encryption keys found to offer no security

Related white papers

Related articles

Related jobs

Today's top stories

Web blocking. Content owners want to stop copyright infringement

Music file-sharing site taken offline by UK Serious Organised Crime Agency

Mozilla Firefox logo

Mozilla adds Android and security updates to Firefox roadmap

Acer Aspire S3 Ultrabook

Acer Aspire S3 ultrabook review

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Features

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

Khidr headshot

Intel will prove Steve Jobs wrong in the mobile market

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

Field/Site Engineering Manager/Leader

Field/Site Engineering Manager/Leader Brief: Polar...

Product Manager, Open Repository (ref:BMC/PMR)

Product Manager, Open Repository (ref:BMC/PMR) End...

Java/JEE Software Developer-Dotcom/eCommerce Software House

Java/J2EE Software Developer/Programmer - Dotcom/ eCommerce...

Field/Site Engineering Manager/Leader

Field/Site Engineering Manager/Leader Brief: Polar...

To send to more than one email address, simply separate each address with a comma.