The Hacker News
Exploit kits are a dangerous class of cybercrime tool, and the Phoenix Exploit Kit is a good example of an exploit pack used to exploit vulnerable software on the computers of unsuspecting Internet users.

The Phoenix Exploit Kit is sold on the underground market by its author for a base price of $2,200. Like other exploit kits, Phoenix was developed to exploit browser-based vulnerabilities in outdated and insecure versions of browser plugins like Java, and Adobe Flash and Reader.

The developer of Phoenix is known by the nickname AlexUdakov on several forums. According to a new investigation report published by KrebsOnSecurity, AlexUdakov was also a member of a forum called Darkode, whose administrator accounts were compromised a few weeks ago, giving the intruders access to the private communications of the administrators.

The intruders were able to view the full profiles and database of Darkode members, as well as the members' private email addresses. AlexUdakov was using the address "nrew89@gmail.com".

Further investigation by authorities found Andrey Anatolevich Alexandrov, a 23-year-old male (born May 20, 1989) from Yoshkar-Ola, profiled on the Russian social media site 'Vkontakte' with the same email address. He currently lives in a 365-square-foot apartment with his wife and small child in Yoshkar-Ola.

He is also a member of many Russian-language forums and websites dedicated to discussing guns, including talk.guns.ru and popgun.ru. Investigators also found him on another criminal website, exploit.in, where he had been selling the Phoenix Exploit Kit for many months, until around July 2012. After that, his account remained silent until Feb 2013.

In his latest post on the same forum, he explained to his kit and gun clients that he had been arrested by the Federal Security Service (FSB), the Russian agency, for distributing malware and for the illegal possession of firearms, including two AKS-74U assault rifles, a Glock, a TT (a Russian-made pistol), and a PM (also known as a Makarov).

It has not been proved whether Andrey Anatolevich Alexandrov is really behind the development of the Phoenix Exploit Kit, but the investigation can help authorities reach the original criminal soon.

Anyway, users are advised to always ensure that the applications installed on their computers are kept up to date so they can avoid possible exploit attacks.