Symantec Report on Attack Kits and Malicious Websites

Symantec Report on Attack Kits and Malicious Websites
Un Livre Blanc de Symantec

Attack toolkits are bundles of malicious code tools used to facilitate the launch of concerted and widespread attacks on networked computers. Also known as crimeware, these kits are usually composed of prewritten malicious code for exploiting vulnerabilities along with various tools to customize, deploy, and automate widespread attacks, such as command-and-control (C&C) server administration tools. As with a majority of malicious code in the threat landscape, attack kits typically are used to enable the theft of sensitive information or to convert compromised computers into a network of zombie bots (botnet) in order to mount additional attacks. These kits are advertised and sold in the online underground economy—a black market of servers and forums where cybercriminals advertise and trade stolen information and services. Symantec believes that attack kits play a significant role in the continuing evolution of cybercrime into a self-sustaining, profitable, and increasingly organized economic model worth millions of dollars.