Researchers track hacking ‘fingerprints,’ link Russian attackers to Windows exploit sellers


Researchers have developed a new technique to “fingerprint” cybercriminals, including two prolific sellers of Windows exploits. 

On Friday, researchers from Check Point said the “fingerprinting” technique has been used to link Windows local privilege escalation (LPE) exploits to two different authors, believed to have sold their creations previously to Russian advanced persistent threat (APT) groups as well as other clients. 

In a blog post, the cybersecurity firm said that the technique was developed off the back of a customer response incident, in which a small 64-bit executable was found during an attack.

Read more…