October 10, 2006 – (HOSTSEARCH.COM) – Exploit Prevention Labs (http://www.explabs.com), an anti-exploit software provider, has released findings for its September 2006 Exploit Prevalence Survey, the company announced today. The Exploit Prevalence Survey is a monthly measure of “web-borne exploits based on real-world prevalence data” with results generated by the company’s SocketShield anti-exploit software and LinkScanner online URL scanning service.
"After a relatively quiet three months, the release of the IE VML exploit represents a significant escalation in the tactics used by cyber criminals to attack unpatched computer users," explained Roger Thompson, CTO of Exploit Prevention Labs and Exploit Prevalence Survey manager. "Within a day or two of Microsoft's Patch Tuesday release on September 12, cyber criminals launched a massive coordinated zero-day attack, possibly the largest zero-day attack in recent history."
The survey reported that the IE VML Overflow exploit accounted for 45 percent of all attempted exploits in September. The IE VML zero-day exploit was released alongside another zero-day exploit that affected the Linux web hosting management software application, cPanel. The cPanel zero-day impacted over 300 websites hosted by leading web hosting provider Host Gator were hacked and ultimately distributed the IE VML exploit. While Host Gator was relatively frank about the impact of the attack, many other companies were also affected.
Mr. Thompson went on to explain the zero-day attack was organized and coordinated but up to four cyber gangs. "The sophisticated coordination among different cyber criminal organizations indicates that the author of the exploit probably sold the exploit to multiple organizations, and successfully orchestrated a controlled simultaneous release which caught Microsoft and most of the computer security industry completely off guard."
