Published: 2006-02-03
A two-week window separated the development of the exploit from the discovery of suspicious activity, according to an eWeek article. During these two weeks the exploit code was available on underground websites -- for $4,000.
Details regarding the first release of the exploit are still being discovered; however, the eWeek article mentions an early relationship with a stock pump-and-dump scheme, in which the WMF flaw was used quietly for quick financial gain.
A BugTraq posting in late December was the first to show a website actively exploiting the WMF flaw, and the flurry of activity that followed sent the security community into overdrive -- over one thousand malicious WMF files were detected in the days following the post.
Posted by: Peter Laborge
