Slashdot Mirror

← Back to Stories (view on slashdot.org)

Turning Attackers' Tools Against Them

Posted by kdawson on from the back-bearings dept.

Tasha26 writes "The BBC has an interesting Web security snippet from the SyScan 2010 security conference in Singapore. In a presentation, security researcher Laurent Oudot released details of bugs found in commonly used attack kits such as Neon, Eleonore, and Sniper. These loopholes could be exploited to get more information about the attackers, perhaps identifying them, stealing their tools and methods, or even following the trail back to their own computer."

3 of 75 comments (clear)

  1. Time for hacker bounty hunter! by maillemaker · · Score: 5, Interesting

    There should be bounties put on these folks spreading this shit.

    --
    A work that expires before its copyright never enters the public domain and thus enjoys eternal copyright protection.
  2. Re:No Honor Among Thieves by WrongSizeGlass · · Score: 3, Interesting

    Do you really think that the creators of these "tools" aren't going to leave SOME way of getting back into them? To prevent them from being used against their own systems?

    No, of course not ... though they may install a copy of Kaspersky to remove the competition from their latest conquest.

  3. Illegal in many jurisdiction by Isao · · Score: 4, Interesting

    This is great intel, no doubt. There's a bit of irony in reporting vulnerabilities in malware - can I get a CVE for that? Counter-attack has a bunch of potential issues, though. The primary one is attack attribution, and the other primary one is that it's not legal in many places (including the United States) to counter-attack your attacker. If you execute code or access a system without the permission of the system-owner, you're in the same crime category as the original miscreant.