Machine-Learning Algorithm Combs the Darknet for Zero Day Exploits, and Finds Them

In February 2015, Microsoft identified a critical vulnerability in its Windows operating system that potentially allowed a malicious attacker to remotely control the targeted computer. The problem affected a wide variety of Windows operating systems including, Vista, 7, 8 and various others designed for servers and mobile computers.

The company immediately issued a fix. But it didn’t take long for details of the vulnerability to spread through the hacker community.

In April, cybersecurity experts found an exploit based on this vulnerability for sale on a darknet marketplace where the seller was asking around $15,000. In July, the first malware appeared that used this vulnerability. This piece of malware, the Dyre Banking Trojan, targeted users all over the world and was designed to steal credit-card numbers from infected computers.

The episode provided a key insight into the way malware evolves. In the space of just a few months, hackers had turned a vulnerability into an exploit, offered this for sale, and then saw it developed into malware that was released into the wild…

4 Likes

The article, in there they are doing it again:

First some background. Hackers and other nefarious types tend to hide their forums and marketplaces in one of two ways. The first relies on the widely used Tor software to anonymize traffic as it passes around the Internet and prevent it being tracked. This is known as the “dark net.”

So for “hacker”, choices offered are: wicked, evil, sinful, iniquitous, egregious, heinous, atrocious, vile, foul, abominable, odious, depraved, monstrous, fiendish, diabolical, unspeakable, despicable, villainous, criminal, corrupt, illegal, unlawful?

According to a Google Search, true:

  • Top Secret GCHQ Hacker Team Engaged in Nefarious Web Attacks
  • Black hat hacker can remotely attack insulin pumps and kill people

Or false:

  • Hackers: Heroes of the Computer Revolution - 25th Anniversary Edition - Hardcover $35.00
  • Pentagon honors teen hacker for exposing department’s online flaws

Also for query “Certified Ethical Hacker”:

  • how to become an ethical hacker
  • ethical hacker salary
  • ethical hacker jobs

Which in itself sounds a bit awkward too, saw someone else say, a spade is a spade but I give up, go ahead and be a “free penetration tester” ;o)

1 Like