Exploits are methods or tools for abusing software bugs for nefarious purposes.
They’re very popular with cybercriminals because, with the right exploits, they don’t have to persuade you to download and install software, open attachments or enable macros: they can just bypass your security protections and tell your computer to run their malicious code.
Exploits take on many different forms. In October 2017, criminals started exploiting a 24-year-old feature of Microsoft Office that could be used to run malicious code embedded in emails, calendar invites and Office documents.
Earlier in the same year we saw a brief revival of the network worm as criminals used the EternalBlue exploit, which exploits a bug in Microsoft’s SMB (Server Message Block) protocol, to spread malware around the world in a day, during two separate global outbreaks: WannaCry and NotPetya.
Even though exploits can be very complex and difficult to develop, you don’t have to be a skilled hacker to get your hands on one.
There is a lucrative trade in exploits and, thanks to Crimeware as a Service, cybercriminals can buy the hardware and software they need, including kits that package up exploits in a way that’s easy to use.
As infamous cybercriminal and founder of Mitnick’s Absolute Zero Day Exploit Exchange, Kevin Mitnick, explained to Wired:
When we have a client that wants a zero-day vulnerability for whatever reason, we don’t ask, and in fact they wouldn’t tell us. Researchers find them, they sell them to us for X, we sell them to clients for Y and make the margin in between.
While it is becoming easier and easier for cybercriminals to build new malware variations quickly, there is some good news: by using the right exploit mitigation techniques we can eliminate entire classes of vulnerabilities and break the exploits that depend on them.
You can read more about this in our Exploits Explained paper.
Looking at the exploit industry as a whole, the paper details how the top techniques work, such as “heap spray,” which makes vulnerabilities easier to exploit, and “stack pivoting,” which bypasses data protections.
And, to arm you against these attacks, the paper also takes an in-depth look at the components of exploit techniques and how Intercept X can stop them from being used.
Download the paper today to learn more.