Tornado exploit kit touches down


The recently discovered Tornado exploit toolkit is one of the most sophisticated toolkits released and may be a precursor of things to come. According to Symantec, it's chilling evidence of how hackers can take advantage of vulnerabilities.

Tornado has actually been out for at least six months. It is unusual for these types of exploit toolkits to have such a low profile, but it appears the people who wrote it have been more discreet than usual, said Alfred Huger, vice president of development at Symantec. The software, however, was only recently released publicly.

“This toolkit itself is set up as a service,” Huger said on Tuesday. “A potential attacker would pay a subscription fee to use a console that can be used to launch attacks on other sites. It will manage your victims for you and can organize a large number of machines that have been compromised.”

The Tornado exploit toolkit appears to target mostly smaller, personal websites by altering the pages. However, Huger admitted that large commercial sites could eventually be attacked as well.

“It infects the websites that exploit vulnerabilities in browsers,” he said.

Huger added that it appears the hackers are using stolen credentials to gain access to these small websites to add malicious code to pages that the site's owner can manipulate himself.

Once a page is infected, the hacker can download malware onto a user's computer and gain the ability to do whatever he wants, from stealing financial information to turning the computer into a bot, researchers said.

The Tornado exploit toolkit is part of a chilling new trend, Huger said.

“This product is very polished, a commercial-grade software package,” he said. “And people are adopting it rapidly.”

