Insecurity experts have been pouring scorn on the tools that crackers use to terrorise the internet.
According to the BBC, many of the kits used by cyber crims have more bugs than a picnic on an anthill and are more vulnerable than a Mexican gulf ecosystem.
Apparently some cyber criminals handcraft their own attack tools out of cardboard, old toilet rolls and double sided sticky tape, with a responsible adult helping with the scissors while others rely on malware kits.
But French computer security researcher Laurent Oudot from Tehtri Security said that these malware kits are the source of the problem.
Many of the kits, which have names such as Neon, Eleonore and Sniper, sport significant loopholes that are a doddle to exploit.
Speaking that the SyScan 2010 security conference in Singapore, Oudot released details of 13 separate unpatched vulnerabilites he found in some of the most popular malware kits used to attack websites.
Because there are so many bugs it is easy for security researchers to "hack the web hackers". This means getting more information about them, identify them, steal their tools and methods, or even follow the trail back to an attacker's own computer.
The downside in hacking the hackers is that you end up breaking a few laws yourself to get them. But Oudot's theory is that if you do the research now, you can always sort the legal problems out later.
TEHTRI-Security, an innovatice cutting-edge french company, has just released new threats during "HITB Amsterdam", an international conference for experts. They first explained that most Internet services (yahoo, hotmail, linkedin, twitter, facebook) are not hardened properly, so that millions of people take risks by using them. Moreover, they have shown that many phone devices with Wifi embedded are vulnerable to attacks, like the iPhone, the HTC, the BlackBerry and also the brand new iPad. To finnish, they explained some security issues on Thalys European trains, with the Wifi Internet access on board. Half a million of people could be concerned by those security issues related to privacy and security during their travels. Those issues are the same on many Internet access shared worldwide in airports, stations, trains, in-flights, hotels, etc. They are full of security vulnerabilities, because no real penetration test were organized with IT Security experts before the service was open to the public..
More information here (local press from Amsterdam) :
http://tweakers.net/nieuws/68316/wifi-netwerk-thalys-treinen-is-slecht-beveiligd.html
http://www.security.nl/artikel/33760/1/Internet_in_Thalys_kwetsbaar_voor_hackers.html