Author: Michael Mimoso / Source: Threatpost | The first stop for security news
A black market hacking tool has the potential to rapidly conduct website scans for SQL injection vulnerabilities at a large scale, all managed from a smartphone through the Telegram messenger.
The Katyusha Scanner is a relative newcomer available to black hats that surfaced in early April. It’s a blend of the Anarchi Scanner open source penetration testing tool and Telegram; it has already been updated seven times since its introduction, and now Pro and Lite versions are available for between $250 and $500.
Researchers at Recorded Future who found the tool for sale declined to name the site where it’s being offered, and said they have informed law enforcement.
They said the seller is Russian speaking, and that top-tier Russian hackers frequent the forum. The seller is known for selling data stolen from ecommerce websites, Recorded Future director of advanced collection Andrei Barysevich said.
“What we found is a very uncommon tool or service, not offered by criminals before,” Barysevich said.
The tool is simple to use, Barysevich said, requiring only that an attacker set up a standard webserver with the version of the Anarchi scanner that has been modified so it can be controlled through a linked Telegram account. This allow the scans to be controlled by a mobile device on any platform. Once an attacker has generated a list of websites they want to target—the seller suggests starting with at least 500 sites—it can be uploaded through Telegram and commands can be issued to have it scan the sites for any known vulnerabilities. The Pro version of the tool will…
Click here to read more
