We have seen what is meant by security vulnerabilities in computer parlance. Today we will look at what an exploit is and what exploit kits are. Once a vulnerability is detected, exploits for it follow until a patch is issued to address the vulnerability. This is the basic difference between vulnerabilities and exploits. Now let us look at exploits and exploit kits in a bit more detail.

A patch in time helps prevent exploits. At the time of writing this article, POODLE was the biggest known vulnerability; it made SSL 3.0 prone to exploits.
What are Exploits?
Exploits are based on vulnerabilities, before they are patched. They allow hackers and attackers to run malicious code on your computer without you even being aware of it. The common exploits we see are usually in Java, Doc & PDF documents, JavaScript and HTML.
One can define exploits as:
Attacks on a system (where the system can be part of a computer, a computer, or a network as a whole; it can be software or hardware, including intranets and their databases) that make use of a certain vulnerability of the system for personal benefit or advantage.
Thus, it is clear that “exploits” follow “vulnerabilities”. Suppose a web criminal detects a vulnerability in any of the products on the Internet or elsewhere. In that case, she or he may attack the system containing the vulnerability to gain something or to prevent authorized users from using the product properly. A zero-day vulnerability is a hole in software, firmware or hardware that is not yet known to the user, vendor or developer, and is exploited by hackers before a patch for it is issued. Such attacks are called zero-day exploits.
What are Exploit Kits?
Exploit kits are malicious toolkits that can be used to exploit vulnerabilities or security holes found in software and services. In short, they help attackers exploit vulnerabilities. These kits come with a good graphical interface that lets even average users of the computer and Internet target different vulnerabilities. Such kits are available freely on the Internet these days and come with Help documents so that the buyers of the service can use the kits effectively. They are illegal, yet they remain available, and security agencies cannot do much about it because the buyers and sellers stay anonymous.
Commercial exploit kits have existed since at least 2006 in various forms, but early versions required a considerable amount of technical expertise to use, which limited their appeal among prospective attackers. This requirement changed in 2010 with the initial release of the Blackhole exploit kit, which was designed to be usable by novice attackers with limited technical skills – in short, anyone who wanted to be a cybercriminal and could afford to pay for the kit, says Microsoft.
Exploit kits are readily available on the Internet. You do not need to access the Darknet or Deepnet to purchase an exploit kit as standalone software or as SaaS (Software as a Service). Though they are widely available on the Darknet, payments are to be made in an electronic currency such as Bitcoin. There are numerous malicious hacker forums on the regular Internet that sell exploit kits as a whole or as a service.
According to Microsoft,
“In addition to one-on-one transactions in which buyers purchase exclusive access to exploits, exploits are also monetized through exploit kits—collections of exploits bundled together and sold as commercial software or as a service.”
Exploit kits are constantly upgraded to drop exploits for vulnerabilities that have been patched and to add new exploits for new vulnerabilities. It is a pity that web criminals find vulnerabilities before the software vendors and developers do. This makes it a high-income business that attracts many to purchase the kits and exploit the various products for their own benefit. The main software targeted is Windows, Java, Internet Explorer, Adobe Flash, etc., possibly due to their immense popularity and usage.
Apart from keeping your operating system and installed software up to date at all times and installing good Internet security software, tools like SecPod Saner Free can help you identify and patch vulnerabilities and protect yourself against such attacks.