ARP Spoofing Malware Infection Project Spotted & Source Code is Disclosed to LE & Industries
A self-spreading malware project that infects other nodes using an ARP spoofing based scanner was spotted several months ago. Our intelligence reported it and we have kept monitoring its progress ever since, and it has just been released by the moronz involved in the cyber criminals' forum. The malware works, practically, by controlling its use of ARP broadcasts to be as stealthy (not noisy) as possible while it spoofs ARP packets and grabs information to determine the targets for infection. The method is simple, yet it worked (quick tested).
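An added defensive example, not code from the disclosed malware or from this post: since the malware keeps its ARP traffic quiet, this detector ignores packet rate and instead flags IP-to-MAC binding conflicts, unsolicited replies and Ethernet/ARP sender mismatches. The function names, addresses and sample frames are constructed for illustration, and keeping the first-seen binding as the trusted one is an assumption.

```python
import struct

def _mac(s): return bytes.fromhex(s.replace(":", ""))
def _ip(s): return bytes(int(o) for o in s.split("."))

def build_arp(op, sha, spa, tha, tpa, eth_dst="ff:ff:ff:ff:ff:ff"):
    """Build a constructed Ethernet+ARP frame (test input only)."""
    eth = _mac(eth_dst) + _mac(sha) + b"\x08\x06"
    hdr = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    return eth + hdr + _mac(sha) + _ip(spa) + _mac(tha) + _ip(tpa)

def parse_arp(frame):
    """Return (op, sender_mac, sender_ip, target_ip, eth_src), or None if not IPv4 ARP."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        return None
    if struct.unpack("!HHBB", frame[14:20]) != (1, 0x0800, 6, 4):
        return None
    op = struct.unpack("!H", frame[20:22])[0]
    dotted = lambda b: ".".join(map(str, b))
    return op, frame[22:28].hex(":"), dotted(frame[28:32]), dotted(frame[38:42]), frame[6:12].hex(":")

def detect(frames):
    """Flag spoofing indicators that do not depend on ARP traffic volume."""
    bindings, pending, alerts = {}, set(), []
    for n, frame in enumerate(frames):
        parsed = parse_arp(frame)
        if parsed is None:
            continue
        op, sha, spa, tpa, eth_src = parsed
        if sha != eth_src:                        # ARP sender differs from Ethernet source
            alerts.append((n, "sender mismatch", spa))
        if op == 1:
            pending.add(tpa)                      # a host asked who has tpa
        elif op == 2:
            if spa not in pending:                # nobody asked for this address
                alerts.append((n, "unsolicited reply", spa))
            pending.discard(spa)
        if bindings.setdefault(spa, sha) != sha:  # first-seen binding is kept (assumption)
            alerts.append((n, "binding changed", spa))
    return alerts

GW, HOST, ROGUE = "aa:00:00:00:00:fe", "aa:00:00:00:00:01", "aa:00:00:00:00:66"
SAMPLE = [  # constructed frames, not captured traffic
    build_arp(1, HOST, "10.0.0.5", "00:00:00:00:00:00", "10.0.0.1"),
    build_arp(2, GW, "10.0.0.1", HOST, "10.0.0.5", eth_dst=HOST),
    build_arp(2, ROGUE, "10.0.0.1", HOST, "10.0.0.5", eth_dst=HOST),
]

if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```

Legitimate gratuitous ARP and DHCP address reassignment also trigger these checks, so alerts need to be correlated with lease records or switch port data before acting on them.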
Currently the code is “secured in our hands”, and of course we informed several industries and trusted researchers about this new threat. But after compiling it and test scanning it with AV, we found the detection ratio is still low, wondering why..
Assuming the threat is NOT being handled as a priority by the security side, we assume better awareness is needed. Well.. we hereby share the code here, to draw the AV industry's attention.
We think it is important to eliminate any malware threat from its ground zero if there is a clear shot to be taken; hammering any effort to improve any form of malicious method has been MMD's only main mission from the beginning. So please understand the reason for this disclosure, with no names and no crap.