Researchers Fingerprint Exploit Developers Who Help Several Malware Authors

2020-10-02 03:18

To this effect, cybersecurity researchers on Friday detailed a new methodology to identify exploit authors that use their unique characteristics as a fingerprint to track down other exploits developed by them.

"Instead of focusing on an entire malware and hunting for new samples of the malware family or actor, we wanted to offer another perspective and decided to concentrate on these few functions that were written by an exploit developer," Check Point Research's Itay Cohen and Eyal Itkin noted.

Noticing the fact that the exploit and the malware were written by two different sets of people, the researchers used the binary's properties as a unique hunting signature to find at least 11 other exploits developed by the same developer named "Volodya".

"Finding a vulnerability, and reliably exploiting it, will most probably be done by specific teams or individuals who specialize in a particular role. The malware developers for their part don't really care how it works behind the scenes, they just want to integrate this [exploits] module and be done with it," the researchers said.

With cyberattacks expanding in scope, frequency, and magnitude, using an exploit developer's code signature as a means to track down bad actors could provide valuable insight into the black exploit market.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/6DRmnaFJT5g/exploit-development.html

#developer #exploit #fingerprint #malware #researcher

News URL

Related news