Until recently, one of the biggest challenges for cybercriminals has been matching a target with an exploit. While newer attacks might be preloaded with multiple exploits, many still function like a traditional waterhole. More proactive attacks, like worms, also spread via multiple exploits, but they still tend to be “dumb worms” that can use only whatever they have been loaded with.
Over the past few months, however, new malware trends have arisen. Recent Internet of Things (IoT) botnets, such as Reaper and Hajime, have not only been designed to target multiple vulnerabilities simultaneously but they also have the capability to attack “a la carte” by intelligently selecting an attack method from a growing exploit base. And now, there is a new toolkit known as AutoSploit, which is an automated mass exploiter.
Read more about recent threats like AutoSploit that bring malware-as-a-service to a whole new level, and four ways you can prepare for them, on DarkReading.