Hackers Toolkit Attacks Vulnerable Browsers

SAN DIEGO, Calif. — Websense, an Online security company has issued a warning about its discovery of a do-it-yourself hackers kit being sold on a Russian website.

“The Web Attacker Toolkit,” which can be purchased for $15 to $20 exploits unpatched vulnerabilities in Internet Explorer and Firefox. The “smartbomb” virus latches onto the browsers code and then attacks its most vulnerable parts.

Websense says the hacking kit is being used on more than 1,000 websites to put a Trojan horse on susceptible computers. The worm runs in the background so surfers won’t realize their machine is being hacked. According to Websense, the Trojan can log keystrokes, download additional code, or open backdoors.

“It puts a bunch of code on a site that not only detects what browser the victim is running, but then selects one of seven different vulnerabilities to exploit,” Dan Hubbard, senior director of security and research at Websense said. “[This is] depending on how well patched the browser is.”

Interestingly, websites that host the malicious code also include a statistics page that shows “the number of infected clients, percentage of clients that have been infected, and a breakdown by country, operating system, and browser,” says Websense’s security alerts page. One of the bugs compromised 1,773 computers by using a three-year-old flaw in IE.

“Everyone knows they should patch their browsers,” Hubbard said, “but this is further evidence that that’s not happening as much as it should be.”

In its research, Websense has calculated that there have been more than 10,000 successful infections, which registers a 3 to 13 percent overall success rate.

Copyright © 2025 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

Ohio AG Threatens Action Against 'Major' Adult Sites Over AV Law

Ohio Attorney General Dave Yost announced today that his office is sending "notice of violation" letters to 19 adult websites for failure to comply with the state's recently enacted age verification law.

Chaturbate Announces 2025 Music Contest Winners

Chaturbate has revealed the winners of its 2025 music competition.

2026 XBIZ Exec Awards Pre-Noms Open With Debut of New 'Impact' Honors

XBIZ is pleased to announce that the pre-nomination period for the 2026 XBIZ Exec Awards, the adult industry’s premier career honor, begins today and runs through Oct. 14.

MYM Launches New Traffic System

German creator platform MYM has launched a new traffic system for its members.

Ukrainian Content Creators on Hook for Nearly $10M in Back Taxes

Content creators in Ukraine owe the equivalent of $9.3 million in back taxes, according to the country's State Tax Service.

Eroutique Relaunches Site Through YourPaysitePartner

Eroutique has relaunched its official website through YourPaysitePartner (YPP).

Update: Pornhub Will Not Block Ohio, Despite AV Law

Pornhub parent company Aylo will not block access to its websites in Ohio, despite new state age verification rules that came into effect Sept. 30.

Pineapple Support, Pornhub to Host 'ADHD-Friendly' Support Group

Pineapple Support and Pornhub are hosting a free online support group for performers with ADHD.

Judge Dismisses Some Claims in 'Children of Pornhub' Trafficking Suit

A United States district judge on Friday dismissed some but not all claims against Aylo in a long-running case involving CSAM allegations featured in the influential 2020 New York Times article “The Children of Pornhub.”

FSC Sets Key Dates, Qualifiers for December Board of Directors Election

The Free Speech Coalition (FSC) today announced key dates and qualifiers for its upcoming Board of Directors election.

Show More