The distribution of Crimeware software kits soared in August, with the numbers used against websites and end-users outstripping the total for the three preceding months.
Finjan SecureBrowsing is a browser plug-in that adds safety ratings to URLs of search results, Web 2.0 services and websites. Finjan SecureBrowsing identified ten different types of crimeware toolkits in August alone.
These crimeware toolkits are being sold by hackers for only a few hundred pounds.August's crimeware toolkit list included the known MPack, NeoSploit, IcePack, WebAttacker, WebAttacker2 and MultiExploit toolkits, as well as new toolkits such as Random.js, Vipcrypt, Makemelaugh and Dycrypt.
Each of these crimeware toolkits is being updated frequently to include recent exploits and new anti-forensic techniques that allow them to bypass and escape detection by traditional signature, reputation and URL based security products.
The dozens of versions for each of the crimeware toolkits provide the basis for hundreds of unique toolkits in use by cyber-criminals today, said Finjan.
In July, Finjan detected 58 criminals who used the MPack toolkit to successfully infect more than 500,000 unique users in a single month.
The IcePack toolkit was used to infect the Bank of India website last week, with the bank having only just recovered from the attack after initially being forced to take the site down.