WMF Exploit Sold Underground for $4,000

← Back to Stories (view on slashdot.org)

WMF Exploit Sold Underground for $4,000

Posted by CmdrTaco on Thursday February 2, 2006 @09:34AM from the now-that's-just-scary dept.

tero1176 writes "Eweek has a story with information from Kaspersky showing that exploit code used in the WMF malware attack was being peddled on underground sites by rival Russian hacker groups for $4,000 in early December. The first sign of an exploit was traced back to the December 1, 2005, a full month before anti-virus vendors started noticing mysterious WMF files rigged with malicious executable code. It serves as more proof that the market for malware is well and truly alive."

18 of 166 comments (clear)

Maybe they should get involved... by ackthpt · 2006-02-02 09:38 · Score: 5, Funny

It serves as more proof that the market for malware is well and truly alive."
Do you suppose Microsoft will try to enter this market, too?

--

A feeling of having made the same mistake before: Deja Foobar
1. Re:Maybe they should get involved... by geekoid · 2006-02-02 13:27 · Score: 2, Funny
  
  Yes. you are the only one here that thinks the problem would through us back to the stone ages.
  
  You are hear by forbidden from ever using statistics or percentages again.
  
  --
  The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
2. Re:Maybe they should get involved... by ozmanjusri · 2006-02-02 15:35 · Score: 4, Funny
  
  You are hear by forbidden from ever using statistics or percentages again.
  
  You are the only one here who thinks hereby is spelled "hear by" or throw is spelled "through". *
  
  You are hereby forbidden to use the English language in a pedantic and patronising manner ever again.
  
  * Probably not true
  
  --
  "I've got more toys than Teruhisa Kitahara."
What, you expected... by Orrin+Bloquy · 2006-02-02 09:39 · Score: 4, Funny

...open source exploits for a commercial OS?

Joke, don't waste your mod points here.

--
"Made up/misattributed quote that makes me look smart. I am on /. and I must look smart."
Access to this market by davidgrouchy · 2006-02-02 09:41 · Score: 5, Funny

Will my AT&T "platinum," "gold" and "silver" levels of Internet access provide access to this underground market ?
1. Re:Access to this market by TubeSteak · 2006-02-02 10:15 · Score: 2, Funny
  
  Sorry, but no.
  
  Just wait till you get your next AOL Platinum trial CD in the mail. Then you'll be good.
  
  --
  [Fuck Beta]
  o0t!
Russians eh? by Dragon+of+the+Pants · 2006-02-02 09:44 · Score: 4, Funny

In Soviet Russia, code exploits you!
1. Re:Russians eh? by MadUndergrad · 2006-02-02 12:29 · Score: 2, Funny
  
  Also the fact that things like the Spanish Inquisition are used so infrequently these days that when one actually is used it's that much more effective. Last time I said "supposing two carried it together" it got quite a few laughs.
Comment removed by account_deleted · 2006-02-02 09:48 · Score: 2, Funny

Comment removed based on user account deletion
Re:And who is surprised by grasshoppa · 2006-02-02 10:03 · Score: 2, Funny

Organized crime has found the internet, and they seem to like what they see. It's just like one huge, dark alley lined with endless smoke-filled lounges. Lots of seamy places to meet up. Anonimity if you want it. Under-the-table dealings. Faceless bosses and eager young turks with itchy trigger fingers.

The perfect growth media for scum and parasites.

You misspelled AT&T a few times in there.

--
Mod me down with all of your hatred and your journey towards the dark side will be complete!
DRM needed by Anonymous Coward · 2006-02-02 10:05 · Score: 5, Funny

Ironically, copies of the exploit were pirated by a group of Chinese hackers and sold on Ebay for pennies on the dollar...
Re:And who is surprised by Amouth · 2006-02-02 10:08 · Score: 2, Funny

oh be fair and leave the white house out of this.. you know W can't read

--
'...if only "Jumping to a Conclusion" was an event in the Olympics.'
Hmm.. by punkr0x · 2006-02-02 10:24 · Score: 3, Funny

So is windows exploits are worth $4,000 a pop, and Bill Gates is worth something like $50 billion, that adds up to... 12.5 million windows exploits. That number seems a little low, must be not all of them are worth 4 grand.
More expensive with Vista by jbeaupre · 2006-02-02 10:34 · Score: 2, Funny

It will cost an extra $500 to get set up to sign your malware in order for it to install. Good thinking Microsoft. That extra 12.5% tax will make it totally uneconomical.

--
The world is made by those who show up for the job.
in soviet swedenuckistan... by Anonymous Coward · 2006-02-02 11:02 · Score: 0, Funny

....dead parrot bakes pie and throws it at YOU!
Re:Windows Only? by AndroidCat · 2006-02-02 11:15 · Score: 4, Funny

I remember a mud client, early version of Tintin, IIRC, which would make all players shout "Snowy rules, OK" if a client saw some particular text.
Not unlike Slashdot where certain text will cause all readers to post "All your base", "Soviet Russia", "..only old people", "3. Profit!" comments.

--
One line blog. I hear that they're called Twitters now.
unknown name? by AyeRoxor! · 2006-02-02 12:19 · Score: 4, Funny

"[...] the vulnerability was detected by an unnamed person around Dec. 1, 2005."

Ok, what are the chances that this person really has no name?!

I'm going to have to call shenanigans on this whole article.
Great seller! by saboola · 2006-02-02 14:13 · Score: 4, Funny

Exploit works as advertised!!! Speedy email!! Would Buy From AGAIN!! A+++++++++++! :)