Security expert at IntelCrawler, a cyber threat intelligence firm based in Los Angeles, discovered a new private exploit-kit called “Infinity” in the underground. It isn’t a distribution on a large-scale, authors reserved it to a limited underground customer base due to security concerns.
In the image below shows the advertisement of new private exploit-kit Infinity (“Load on Infinity”).
According investigation done by InterCrawler, the author of the exploit-kit Infinity appears to be a person with nickname “iny” / “pickness”, which credited as reliable on several private underground forums.
At the beginning of 2013 it seems the author “iny” has created a post where he invites various cybercriminals to join the new exploit-kit project. He also mentioned that he is buying new types of vulnerabilities for famous client-side software. This collaborative strategy was also used by “Paunch” to maximize his exploit-kit with new vulnerabilities to increase the infection rate.” reports the InterCrawler official post.
The exploit is provided with model of sale know as malware-as-a-service, the first advertisements about the new exploit-kit Infinity offer it with the cost starting at 100 USD per day, the subscription includes also updates and technical support. The Exploit-Kit Infinity exploits vulnerabilities for IE11/10, Opera and Firefox.
IntelCrawler threat intelligence team has already shared with the security community the appearance of the new exploit-kit Infinity in the underground.
“According to IntelCrawler, the Exploit-Kit Infinity might be a new replacement of “Blackhole”, which was actively used for infections of banking customers.”
(Security Affairs – Exploit-kit Infinity, malware)