Cyber-Criminals Targeting Retailers With 'Nice Pack' Exploit Kit, SQL Injection

[InfoSec News <alerts () infosecnews org>]

http://www.eweek.com/c/a/Security/CyberCriminals-Targeting-Retailers-With-Nice-Pack-Exploit-Kit-SQL-Injection-108481/

By Fahmida Y. Rashid
eWEEK.com
2011-10-13

Retailers are seeing an uptick in Web attacks driven mainly by malware 
exploit toolkits as cyber-criminals attempt to steal credit card 
information, according to Dell SecureWorks.

Hacking attacks against retail customers were up 43 percent from January 
to September, Dell SecureWorks said Oct. 10. The Dell SecureWorks 
Counter Threat Unit stopped 91,500 attackers per retail customer in the 
first nine months of 2011, compared with 63,581 from April through 
December 2010.

The increase was driven primarily by the popularity of Web exploit kits, 
according to Jon Ramsey, Dell SecureWorks' CTO. A new kit, Nice Pack, 
has already compromised over 10,000 Websites, according to the report. 
When unsuspecting users come to the site, they are silently redirected 
to a different site that is hosting the exploit kit, which tries to 
download malware onto the user's computer.

"Criminals are more aggressively using the Web as a primary attack 
vector for both clients and servers," Ramsey said.

Nice Pack uses a similar attack sequence as the more well-known Black 
Hold exploit kit. Attackers use various techniques to compromise Web 
pages and embed malicious JavaScript on the site. The malicious code is 
apparently identical to the code that was used in the recent compromise 
of MySQL.com, which directed users to a site hosting the Black Hole 
toolkit.

[...]


_____________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn