News

Russian hacker groups sold WMF exploit code

Hacker groups in Russia were trying to sell exploit code for the recent Windows Meta File flaw before it was even discovered by security software companies.

Russian-based internet security software company Kaspersky Lab said some hackers were attempting to sell the malicious code for around £2,500 before the flaw was exploited by remote attackers just after Xmas.

Kaspersky said in a quarterly security report that hackers were successful in selling the exploit code to a “criminal adware/spyware business,” which used the code to distribute its rogue software on users’ machines without them knowing.

Microsoft patched the WMF flaw in the new year, after being pressured by the internet security community over the serious threat posed by the vulnerability.

Microsoft was originally going to delay a patch until its monthly scheduled security release date, but was persuaded that widespread WMF attacks were imminent.

The fact that “for sale” exploit code was available for a flaw not already discovered by the internet security market could illustrate a worrying trend, said Kaspersky.


 


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy