One in 10 PCs susceptible to Eleonore malware attack

[nsane.forums]

AVG reveals huge number of machines vulnerable to Eleonore toolkit

AVG Research is claiming that one in 10 of all PCs is infected by malware controlled by cybercriminals using the Eleonore exploit toolkit.

The security software firm monitored 165 domains controlled by cybercriminals using the commercial attack software toolkit over a two-month period, during which time it tracked more than 1.2 million infected computers.

Out of 12 million worldwide users visiting compromised web pages, the firm said the toolkit had a 10 per cent infection success rate that could enable cybercriminals to infect and monitor around one in every ten potentially compromised PCs.

A white paper detailing the study said the toolkit targets known vulnerabilities. It particularly highlighted older versions of Microsoft’s web browser, where Internet Explorer (IE) 6 alone accounted for one-third of all infections.

After IE6, all the most popular browsers were shown to be vulnerable, including IE7, IE8, Chrome 4.1, Firefox 3.6 and 3.6, and Opera 9.64 and 9.80. Apple’s Safari browser fared best against Eleonore attacks, allowing just 2.8 per cent of machines running it to be infected.

Adobe Acrobat and Sun JavaScript were also noted for providing the means of infection for a significant number of PCs.

The study also drew attention to the fact that cybercriminals were cashing in on these vulnerabilities, using malware to steal and later sell valuable personal data or trading compromised PCs on the black market.

In a breakdown of countries hosting the criminal servers, Ukraine was the geographical nexus for Eleonore, with over a quarter share.

Attacks focused on nearby Russia, where over 10 per cent of nearly nine billion attacks recorded were successful.

The US and UK also succumbed to similar success levels, with over half a million attacks each during the same period.

“Cybercriminals are getting smarter and smarter at utilising sophisticated techniques to evade detection by traditional URL filtering and database driven security products,” noted AVG.

Mel Morris, chief executive of PC and internet security specialist Prevx, said the study was proof that all of PCs had some big gaps in their web browser defences.

“PC security products must make it harder for malicious software to steal information entered or displayed while the user is surfing, socialising and transacting on the web," he said.

"It is a gaping hole in almost all PC security offerings that is widely exploited by the vast majority of banking and information stealing Trojans, and the root cause behind most internet fraud.”

Morris said security vendors must focus on malware mitigation to defend users from the threats “they do not and probably never will detect in a timely manner”. He added it is "time for the vendors to catch up with market needs".

View: Original Article