Saturday, April 18, 2009
YES Exploit System
YES Exploit System. Another crimeware made in Russia
The suite of applications used to automate different types of attacks via the Web (crimeware), have been transformed into a dangerous trend that clearly shows the inclination and demand criminal automate processes malicious.
I've noticed several of them of which Russia is a paradise for the creative development of crimeware. Also, technical support, in many cases, and the creation of crimeware packages "tailored" ready to implement and need only to know to modify the default password of admin panel via the web.
Which is an extra spice of proliferation of malicious acts performed by persons not familiar with the type of program you are using. Just purchased a modest cost ready to start spreading malicious instructions in bulk.
YES Exploit System, is another of the crimeware package that meets these characteristics of easy implementation and use.
The new version has recently presented a cost of 700 USD in the Russian black market and incorporates a series of "improvements" malicious functions with respect to the previous version, in addition to free updates for life.
Among the new features that are incorporated crimeware:
The possibility to obtain minimum statistical information through a new manager doesn't replace the statistical complete but supplements it.
Notice that no other infections have occurred through YES Exploit System in the victim computer.
Updating the GeoIP database.
Ability to download multiple files from the same page, for example, index.php can be downloaded from abc.exe, def.exe, ghi.exe.
Administration of downloading files via the control panel and not FTP.
Optimizing PHP code.
Elimination of statistics and guest checker FTP.
Control files downloaded through the administration panel.
Optimization of the general control panel for a better performance in loading it.
Added a new level of encryption code iframe.
Encryption binaries to avoid detection by the AV companies.
A new alternative to centralized management and automation of criminal activities using the Internet as a base for attacks.