All the latest UK technology news, reviews and analysis


Researchers warn of 'Cool' exploit platform

20 Nov 2012
malware virus security threat breach

Users are being warned of the emergence of a new and popular malware exploit kit, dubbed 'Cool', which allows an attacker to remotely target security vulnerabilities in order to perform 'drive by' malware installations.

Researchers said that in addition to serving up attacks, the tool is also able to perform more sophisticated functions, including scanning for browser and operating system and detecting potentially vulnerable plug-ins.

According to F-Secure researchers Karmina Aquino and Timo Hirvonen, Cool bears a strong resemblance to another popular malware exploit platform. The duo noted that a number of the attack targets, techniques and updates displayed by Cool match that of the dubious Blackhole kit.

The researchers pointed out that when new vulnerabilities are disclosed, Blackhole and Cool often show updates at similar times and target many of the same vulnerable components and versions.

"With all these 'differences', it appears that Cool and Blackhole are more than just a tiny bit related," the researchers said in a blog posting.

The F-Secure researchers also noted a resemblance between the two attack kits at the coding level, performing similar functions and operations when carrying out attacks. Aquino and Hirvonen noted that when attacking components such as Flash, the two kits even go so far as to use the same file names and code.

"It may be just us, but the version checks by the two kits are very much alike." the researchers explained.

"And when we checked out Cool's Flash exploits, we can't help but notice that it uses the same Flash filenames as seen from Blackhole version 1, which happen to exploit the same Flash vulnerabilities."

As the cybercrime market has grown, attack kits have become an increasingly popular tool for spreading malware. The kits can range from free platforms to highly-sophisticated premium attack platforms.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Shaun Nichols
About

Shaun Nichols is the US correspondent for V3.co.uk. He has been with the company since 2006, originally joining as a news intern at the site's San Francisco offices.

More on Security
What do you think?
blog comments powered by Disqus
Poll

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?
22%
13%
4%
22%
28%
11%

Popular Threads

Powered by Disqus
Sony Xperia Z2 Tablet powered by Android KitKat 4.4

Sony Xperia Z2 Tablet video

We take a look at the lightweight, waterproof tablet

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv33

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery

rdc2

iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Software Development Engineer

Develop: Customise: Configure. Maximise your technical...

Senior PHP (JavaScript / node.js developer)

Senior PHP (JavaScript / node.js developer) Assertis...

Business Analyst / Modeller

Our client makes innovative interactive games for a specific...

Field Services Engineer

Field Services Engineer Command Alkon, a global...
To send to more than one email address, simply separate each address with a comma.