Hackers now pick tools from script kiddies' toybox -- report

[InfoSec News <alerts () infosecnews org>]

http://www.theregister.co.uk/2012/04/24/crackers_tools/

By John Leyden
The Register
24th April 2012

Infosec 2012 - Hackers are increasingly turning to automated software 
tools to launch attacks.

According to research from Imperva, more than 60 per cent of SQL 
injection attacks and as many as 70 per cent of Remote File Inclusion 
attacks (the two most common attack types) are automated. Remote File 
Inclusion attacks allows hackers to plant back doors on PHP-based 
websites.

Tools like Havij and SQLMap are used by miscreants to probe for 
vulnerabilities and execute SQL injection attacks. These tools also 
employ techniques to evade detection, such as periodically changing 
headers or splitting attacks through controlled hosts to avoid 
black-listing. In the past, using attack tools was purely for script 
kiddies but these attitudes are changing, according to Rob Rachwald, 
director of security strategy at Imperva.

Automatic attack tools aren't just for the clueless anymore, he says. 
These tools can be used to attack more applications and exploit more 
vulnerabilities than any manual method possibly could, making them a 
useful adjunct for even skilled attackers. "Automated tools are becoming 
better quality. Both experienced and inexperienced hackers use them but 
experienced hackers use them with more finesse," Rachwald explained.

[...]


_______________________________________________
LayerOne Security Conference
May 26-27, Clarion Hotel, Anaheim, CA
http://www.layerone.org