Windows 7 Forums



Windows 7: Multi-stage exploit attacks for more effective malware delivery

04 May 2013   #1
A Guy

Multi-stage exploit attacks for more effective malware delivery

Quote:
Most drive-by exploit kits use a minimal exploit shellcode that downloads and runs the final payload. This is akin to a two-stage ICBM (InterContinental Ballistic Missile) where the first stage, the exploit, puts the rocket in its trajectory and the second stage, the payload, inflicts the damage.

In the cybercrime world, the de-coupling of the first stage from the payload is designed to make sure that an exploit kit is as generic as possible and can deliver all possible payloads, provided that the payloads only need native execution (either as a standalone executable – files with an “.exe” file extension, or DLL registration via RegSvr32 – files with a “.dll” extension).

We recently found that a Java exploit kit called ‘g01pack’ has added another ‘mid-course’ stage, turning the infection process into a multi-stage attack. The first stage of the attack, the exploit shellcode, executes a second stage, in which a Java class runs in a separate Java process. This second Java process then downloads and runs the final payload. We believe this discovery represents the first instance of an exploit kit delivering its payload via a multi-stage attack.
Source

A Guy
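
The staged chain described in the quote, seen from the defender's side as a hunt over process-creation events. This is an added example, not part of the original post or the quoted article. The event field names, the sample events, and the assumption that the first stage runs inside a Java plugin process are all constructed for illustration.

```python
"""Hunt for the process chain described above in process-creation events.

Assumption: events come from an endpoint log that records pid, parent pid
and image path (the field names used here are hypothetical).
"""
import ntpath

JAVA_IMAGES = {"java.exe", "javaw.exe", "jp2launcher.exe"}

def base(image):
    """Lower-cased file name of a Windows image path."""
    return ntpath.basename(image).lower()

def find_staged_java_chains(events):
    """Return (first_java_pid, second_java_pid, payload_image) for every
    Java process that was started by another Java process and then
    launched a non-Java program (a native payload or regsvr32)."""
    by_pid = {e["pid"]: e for e in events}
    hits = []
    for child in events:
        parent = by_pid.get(child["ppid"])
        if parent is None or base(parent["image"]) not in JAVA_IMAGES:
            continue  # launcher is not Java
        if base(child["image"]) in JAVA_IMAGES:
            continue  # Java starting Java is a stage, not the payload
        grand = by_pid.get(parent["ppid"])
        if grand is None or base(grand["image"]) not in JAVA_IMAGES:
            continue  # Java ran the program directly: no mid-course stage
        hits.append((grand["pid"], parent["pid"], child["image"]))
    return hits

# Constructed sample events (not taken from any real incident).
SAMPLE_EVENTS = [
    {"pid": 100, "ppid": 1, "image": r"C:\Program Files\Internet Explorer\iexplore.exe"},
    {"pid": 200, "ppid": 100, "image": r"C:\Program Files\Java\jre7\bin\jp2launcher.exe"},
    {"pid": 300, "ppid": 200, "image": r"C:\Program Files\Java\jre7\bin\java.exe"},
    {"pid": 400, "ppid": 300, "image": r"C:\Users\u\AppData\Local\Temp\a.exe"},
    {"pid": 500, "ppid": 300, "image": r"C:\Windows\System32\regsvr32.exe"},
    {"pid": 600, "ppid": 1, "image": r"C:\Program Files\Java\jre7\bin\javaw.exe"},
    {"pid": 700, "ppid": 600, "image": r"C:\Windows\System32\notepad.exe"},
]

if __name__ == "__main__":
    for first, second, payload in find_staged_java_chains(SAMPLE_EVENTS):
        print(f"java pid {first} -> java pid {second} -> {payload}")
```

Legitimate Java tooling can also start Java child processes that run native programs, so treat hits as hunting leads to triage rather than confirmed infections.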

