Given the date the CDROM was shipped, two of the exploits were zero-days. Notably, the code attempts different variants of kernel exploits in a loop, one by one, until one of them succeeds. The exploit set in the sample on the CDROM includes only three exploits, but the exploitation package supports running up to 10 different exploits, one after another. It’s not clear whether this means that there is also malware with 10 elevation-of-privilege (EoP) exploits in it, or whether it’s just a logical limitation.
