Nuclear EK Authors Are Based in Russia, Make $100,000 per Month

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,377
In a two-part investigation, security researchers from Israeli security firm Check Point have dug around in countless logs of telemetry data to get to the bottom of the Nuclear Exploit Kit (EK) one of the most popular crimeware kits today.

Exploit kits are scripts that crooks install on a server that when a user visits a Web page, scans the victim's local PC setup for known software vulnerabilities and delivers an exploit that cracks the user's defenses and automatically installs malware without his knowledge.

Some of the most known exploit kits are Blackhole (now defunct), Angler (the most popular), Magnitude, and Neutrino. Also very popular is the Nuclear EK, which Check Point researchers recently managed to track down and hack into one of its master servers.

Nuclear EK author lives in Krasnodar, Russia
According to researchers, the Nuclear EK is offered as MaaS (Malware-as-a-Service) by a crook living in Krasnodar, Russia. This man is suspected to be the EK's leading developer, but Check Point says that Nuclear is not a one-man job and that others are also almost certainly helping him manage the service.

The EK's structure is simple. At the center resides the crook's main server, from where he manages and grants access to his infrastructure for all the other criminals that rent out his service.

Anyone that rents a Nuclear EK from this man gets his own server with an easy to use control panel to view statistics and manage the malware that gets sent to users. Below this level are multiple smaller servers, called "landing pages," servers that host Web pages where users land and get infected with malware.
nuclear-ek-authors-are-based-in-russia-make-100-000-per-month-504179-4.png



Read more: Nuclear EK Authors Are Based in Russia, Make $100,000 per Month
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top