As part of the emerging DIY (do-it-yourself) trend within the cybercrime ecosystem, novice cybercriminals continue attempting to steal market share from market leaders, either to gain credibility within a particular cybercrime-friendly community or to secure a revenue stream. Relying largely on social engineering and the publicly available ability to “clone” any given website, these tools remain a popular attack vector in the arsenal of the less-sophisticated cybercriminal looking for ways to build his very own botnet. This particular Java Applet-based tool allows a novice cybercriminal to create a “clone” of any given website by entering the exact URL of the malicious binary to be used and the page where the user will be redirected once he’s compromised; the tool does the rest. The tool also includes the ability to choose a custom file name, along with many other features. http://alrt.co/ZfY98p
Takeaway: Users should never trust an unsigned Java applet, but the fact that an application or a Java applet is signed doesn’t necessarily mean that it’s not malicious. Things can get even worse, considering that a huge percentage of end users would consider any kind of Java applet, whether signed or not, an obstacle on their way to gaining access to a few hundred dollars in entry bonuses on a bogus online casino or to “free” entertainment content. End-user security and content filtering are a unique and complex challenge to solve without impairing the usability of the infrastructure.