Security vendor Kaspersky Lab says that it appears two or three Russian hacker squads sold an exploit for the WMF (Windows Metafile) vulnerability that raised alarms in December.
Criminal gangs sold the exploit on specialized sites for US$4,000, wrote Alexander Gostev, senior virus analyst at Kaspersky, in a report on virus activity for the last three months of 2005. It appears someone discovered the vulnerability around Dec. 1, and exploit code emerged shortly afterward, Gostev wrote.
One of the purchasers of the exploit was involved in the adware and spyware business, Gostev wrote.
The WMF vulnerability was unique since no patch existed when it was publicly detailed, he wrote. Microsoft initially told customers around the end of December to wait for its monthly patch update in January, while security researchers warned the flaw could be used to steal data on infected machines and use those computers to send spam.
Security analysts also endorsed an unofficial patch created by programmer Ilfak Guilfanov. Microsoft ended up issuing a patch ahead of its regular schedule after critics argued the delay was giving hackers more time to work.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Wireless LANs: Is My Enterprise At Risk?
Customer Experience Management: Improving the Consistency and Quality of Customer Interactions
Data Center Eco-Nomics
Top 10 Ways to Increase IT ROI Without Adding Staff
Multiple suppliers - a common culture
Best Practices in Lifecycle Management
Speeding business innovation with Data Centre Transformation solutions
State of Internet Security
Zones provide focussed content from Computerworld and leading technology partners.
Comments
Post new comment