Do-it-yourself cyber-crime kits have emerged for the average PC user, with built-in anti-virus protection and complete online security avoidance features.
Once upon a time, professional hackers needed the skills of willing script kiddies to exploit your PC or enterprise. Then along came the exploit kit, such as the “MPack,” courtesy of the RBN (Russian Business Network), and a new business enterprise was born.
Today, a new generation of exploits is available in off-the-peg kits requiring no more operational skill than that of a competent user.
One of the latest headline victims of an exploit kit was the US Treasury Website. Panda Security detailed how it happened -- and how a new generation of kits or packs can identify security vulnerabilities, select the preferred method of intrusion, and carry out the exploit, whether that be by PDF, an embedded iframe, or any other chosen method of exploitation.