Security News > 2020 > October > Researchers Fingerprint Exploit Developers Who Help Several Malware Authors
To this effect, cybersecurity researchers on Friday detailed a new methodology to identify exploit authors that use their unique characteristics as a fingerprint to track down other exploits developed by them.
"Instead of focusing on an entire malware and hunting for new samples of the malware family or actor, we wanted to offer another perspective and decided to concentrate on these few functions that were written by an exploit developer," Check Point Research's Itay Cohen and Eyal Itkin noted.
Noticing the fact that the exploit and the malware were written by two different sets of people, the researchers used the binary's properties as a unique hunting signature to find at least 11 other exploits developed by the same developer named "Volodya".
"Finding a vulnerability, and reliably exploiting it, will most probably be done by specific teams or individuals who specialize in a particular role. The malware developers for their part don't really care how it works behind the scenes, they just want to integrate this [exploits] module and be done with it," the researchers said.
With cyberattacks expanding in scope, frequency, and magnitude, using an exploit developer's code signature as a means to track down bad actors could provide valuable insight into the black exploit market.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/6DRmnaFJT5g/exploit-development.html
Related news
- North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign (source)
- Cyber Criminals Exploit GitHub and FileZilla to Deliver Malware Cocktail (source)
- Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users (source)
- FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine (source)
- Hackers Exploit Legitimate Packer Software to Spread Malware Undetected (source)
- "Researchers" exploit Kraken exchange bug, steal $3 million in crypto (source)