Windows 7 Forums

Windows 7: Multi-stage exploit attacks for more effective malware delivery

04 May 2013   #1


Most drive-by exploit kits use a minimal exploit shellcode that downloads and runs the final payload. This is akin to a two-stage ICBM (InterContinental Ballistic Missile) where the first stage, the exploit, puts the rocket in its trajectory and the second stage, the payload, inflicts the damage.

In the cybercrime world, the de-coupling of the first stage from the payload is designed to make sure that an exploit kit is as generic as possible and can deliver all possible payloads, provided that the payloads only need native execution (either as a standalone executable – files with an “.exe” file extension, or DLL registration via RegSvr32 – files with a “.dll” extension).

We recently found that a Java exploit kit called ‘g01pack’ has added another ‘mid-course’ stage, turning the infection process into a multi-stage attack. The first stage of the attack, the exploit shellcode, executes a second stage, in which a Java class runs in a separate Java process. This second Java process then downloads and runs the final payload. We believe this discovery represents the first instance of an exploit kit delivering its payload via a multi-stage attack.

A Guy
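A defender's view of the chain described in the quoted article, as an added example that is not part of the original post or article: a heuristic that flags a Java process starting a second Java process, which in turn launches a native executable or RegSvr32. The event fields, paths and sample records are constructed assumptions.

```python
from collections import namedtuple

# Process-creation record; the field names are assumptions for this example.
Event = namedtuple("Event", "pid ppid image cmdline")

JAVA_IMAGES = {"java.exe", "javaw.exe"}

def basename(path):
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def is_java(ev):
    return ev is not None and basename(ev.image) in JAVA_IMAGES

def payload_kind(ev):
    # The article names two native forms: a standalone .exe, or a DLL
    # registered via RegSvr32.
    return "dll-registration" if basename(ev.image) == "regsvr32.exe" else "executable"

def find_multistage_chains(events):
    """Return (stage1, stage2, payload, kind) for Java -> Java -> native chains.
    PID reuse is ignored; real telemetry needs a unique process key."""
    by_pid = {ev.pid: ev for ev in events}
    hits = []
    for ev in events:
        if is_java(ev):
            continue  # the final payload is native, not another JVM
        stage2 = by_pid.get(ev.ppid)
        if not is_java(stage2):
            continue
        stage1 = by_pid.get(stage2.ppid)
        if is_java(stage1):
            hits.append((stage1, stage2, ev, payload_kind(ev)))
    return hits

# Constructed sample events, not real telemetry.
SAMPLE = [
    Event(100, 1, r"C:\Program Files\Internet Explorer\iexplore.exe", "iexplore.exe"),
    Event(200, 100, r"C:\Program Files\Java\jre7\bin\java.exe", "java.exe"),
    Event(300, 200, r"C:\Program Files\Java\jre7\bin\java.exe", r"java.exe -cp C:\Temp Stage2"),
    Event(400, 300, r"C:\Windows\System32\regsvr32.exe", r"regsvr32.exe /s C:\Temp\a.dll"),
    # Benign contrast: a single Java parent starting a native tool.
    Event(500, 1, r"C:\Program Files\Java\jre7\bin\javaw.exe", "javaw.exe"),
    Event(600, 500, r"C:\Tools\git.exe", "git.exe status"),
]

if __name__ == "__main__":
    for s1, s2, p, kind in find_multistage_chains(SAMPLE):
        print(f"java pid {s1.pid} -> java pid {s2.pid} -> {basename(p.image)} ({kind})")
```

The single-parent case (pid 500 to 600) is deliberately not flagged, since the heuristic keys on the extra Java stage the article describes.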
