What is crimeware kit (attack kit)? - Definition from WhatIs.com

Definition

crimeware kit (attack kit)

Part of the Malware glossary:

A crimeware kit, also called an infection, exploit or DIY attack kit, is a programming tool that allows someone who does not have any experience writing software code to create, customize and distribute malware.

Crimeware kits have graphical application program interfaces (APIs) that allow non-technical users to manage sophisticated attacks capable of stealing corporate and personal data, orchestrating denial of service (DoS) exploits or building botnets.

Most kits are built by professional programmers who exploit vulnerabilities that have already been publicly disclosed. The kits, which are commercially available on underground discussion forums, can cost as little as $100 or as much as $10,000. According to the FBI, payment is arranged through money transfers services such as Western Union.

Ironically, the high profits that can be gained by selling crimeware kits have led developers to model their software distribution model after that of legitimate software vendors. Many crimeware kits have clearly defined refund policies, licensing options, digital rights management (DRM) components and customer service.

Although crimeware kits are usually proprietary, they share several things in common including:

  • A point-and-click build component.
  • Provisions for creating threats in many different languages.
  • A Web-based executive dashboard for managing the data and processing power harvested from infected machines.
  • An interface that facilitates malware distribution through email, online advertisements and social networking websites.

Well-known crimeware kits include Zeus, MPack, Neosploit, BlackHole, Nukesploit P4ck and Phoenix. In May 2011, the Danish IT-security company CSIS Security Group announced the discovery of Weylan-Yutani, the first commercial crimeware kit that allows customers to create malware for both Mac and PC computers.

See also: phishing kit

This was last updated in June 2011
Posted by: Margaret Rouse

Related Terms

Definitions

  • blacklist

    - A blacklist, in IT, is a collection of entities that are blocked from communicating with or logging into a computer, site or network. Blocked entities are typically identified as IP addresses, user... (WhatIs.com)

  • mobile spyware

    - Mobile spyware is used by companies monitoring, tracking or spying on employees or customers, parents spying on children, individuals spying on romantic partners and hackers spying for amusement or... (WhatIs.com)

  • Trojan horse

    - A Trojan horse is a program that appears harmless but is, in fact, malicious. Attackers have long used Trojan horses as a way to trick end users into installing malware. (SearchSecurity.com)

Glossaries

  • Malware

    - Terms related to malware, including definitions about viruses and Trojans and other words and phrases about malicious software.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About crimeware kit (attack kit)Powered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.