Placeholder Image

字幕表 動画を再生する

  • Hey, guys, what's up?

  • Welcome to experience Tech.

  • I'm beneath and in Today's video will talk about exploit kits, which have gained a lot of popularity in recent years and are being extensively used in carrying out major cyber attacks.

  • Beat against big corporate businesses, celebrities, go min departments or just about anybody exploit kits like Black Hole, Nuclear and more.

  • Recent angler has become in famous for not only the kind of sophisticated or advanced technology that they use, but also due to the ease off using these exploit kids with the availability off these kids.

  • Now you don't have to be a programming nerd or ah, computer geek to be able to hack into someone's computer.

  • Now a person with minimal computer knowledge can carry out major cyber crime using these exploit kids.

  • So I think it's very important that we know about these kids, what technology they use to bypass your traditional security mechanism and also what steps we can take to save guard over computers from these attacks.

  • All rights of a dad said.

  • Let's begin today's video All right and exploit Kids are automatic.

  • Tool kits are essentially off framework designed to scan our victim's Web browser, find vulnerabilities and then exploit them to deliver, um al there or malicious payload tow.

  • The victim's machine today essentially performs of their based attack.

  • How are these kids are sold in darkness or crime were market, so the developers are essentially running a business out of it now let's quickly look at the history off.

  • Exploit kids.

  • The earliest attacker kit was a Web Attacker Toolkit, which was released in 2006 and it was sold in Russian crime.

  • There are underground market at a cost off $20 it came with technical support.

  • At the end of 2006 another exploit kit Impact, was released.

  • It was developed by three Russian programmer and was sold at 1000 U.

  • S.

  • Dollars.

  • So it had much more advanced features than the the attacker exploring Kit.

  • Several other exploit kits was released between the period 2007 and 2008.

  • Then, in 2010 came the Black Hole Exploit Kid, which was released in my mailbox and underground Russian hacking for him and was widely used till 2013.

  • In 2012 according to a veggie, 91% off all Web threats was due to a black hole, extraordinary it, but into talking 13 paunch.

  • The creator of Black Hole Exploring Kit was arrested, and since then, black hole exploring Kit took a downward turn and talking about today's exploit kit.

  • The most notorious is the Angler Exploit Kit, which holds 74% off the overall market.

  • Let me quickly give you few stats so that you get a sense off its success.

  • Now, according to Cisco's many years security report.

  • In 2015 anger accounted for 40% off user penetration in cyber attacks.

  • Now again by Cisco's annual Security Report 2016.

  • Anger Exploring Kid targets 90,000 Victims Party in the United States alone and anger by January 2006 has already compromised 90,000 websites.

  • Some of the other popular exploit kits that are used today our nuclear street, Orange magnitude and rig.

  • No anger has been tremendously successful in the past two years, and without going into too much detail, let's quickly look at two main reason for its huge success.

  • First is the use off.

  • Malvo ties Ng Nam advertising the technique in which Melvin is served through the ads on a website by first hacking or compromising the ad network and an angler case.

  • Major ad networks were had.

  • Now.

  • Then the user visit of a page.

  • Guilty.

  • These ads are served, for example, BBC Don't come.

  • The malicious ad has a hidden stripped that checks for your browser plug in like Adobe's Flash, Java or Silver Light version.

  • And if you do not have the latest an updated version off these plug ins, there's a great chance that your computer can be compromised by these kids.

  • Second technique that anger used is called Domaine shadowing Know.

  • In the past, what attacker used to do is carry out their malicious activities from a static or hard quartered i p address.

  • Then they shifted to Dynamic.

  • Deena's No angler has started the technique off domain shadowing.

  • Now it is done by first hacking all regular domain account provided to the customer by the Web hosting company like godaddy dot com.

  • This is usually done via fishing, key logging or any other technique, and then creating multiple subbed amines on that account.

  • So now you have a legitimate domain with malicious subdue means, which is pretty difficult to identify by regular Security Service's and angler has known to use thousands off.

  • These subdue means now.

  • Once angler has successfully compromised a computer, it can be configured to do many things.

  • For example, it could install a ransomware to your computer, scripting all your data and then demanding a ransom to give you the decryption key.

  • It could install a banking malvo to collect your financial information, like credit card information or online banking password.

  • It could also install adverse key logger root kits.

  • Are remote access Trojans on your computer?

  • So it's tremendously powerful having every payload option.

  • Now let's quickly look at some of the steps that we can take to secure our system from these Exploit kids.

  • Now, apart from having a good anti virus and keeping it updated and having a fireball, the most important step is to update or patch your system.

  • Immediately of any vulnerability is discovered, and a passion for it is available.

  • Anger exploit Kit has known to exploit vulnerabilities hours after it's discovered and the developers off these kids are aware that users usually patched the system weekly or monthly, so always keep your system up to date, and you can also install a script blocker Plug in for your Web browser so that you get quick information on all the scripts that are running in the background when you visit a website and block any script if you want to.

  • All right, so that was all for today, guys.

  • I just wanted to do a video on this topic because I think the security officer, it has become a huge concern now that it is ever more easy for someone to buy these advance kit and carry out cybercrime.

  • People are running business out off it, and it is very important that we're aware off this.

  • All right, so thank you guys, for watching this video.

  • If you like this video, kindly present like button.

  • If you have any comment or suggestion, please.

  • Time that an indica meant box.

  • Thank you again for watching.

  • L see you next time.

Hey, guys, what's up?


動画の操作 ここで「動画」の調整と「字幕」の表示を設定することができます

B1 中級

概要: エクスプロイトキット [ アングラーEK ] (OVERVIEW : EXPLOIT KITS [ ANGLER EK ])

  • 0 0
    林宜悉 に公開 2021 年 01 月 14 日