Exploit Prevention Labs
Home
  Products
  Threat Center
  Support
  About Us
  Media Center
  Contact Us
 
Quick Links
In the News
Press Releases

 

 
Media Center

Press Releases

EXPLOIT PREVENTION LABS RELEASES LINKSCANNER
A FREE ONLINE SERVICE THAT ALERTS USERS TO EXPLOITED WEBSITES

New public service enables users to check websites for exploits before
clicking through and potentially infecting their PCs

July 17, 2006 – Atlanta, GA – Exploit Prevention Labs, the leading developer of anti-exploit protection, today announced the immediate availability of LinkScanner (http://www.explabs.com/linkscanner), a free online service that scans individual URLs for dangerous exploits.

“We’re making LinkScanner available as a public service to demonstrate the powerful exploit prevention capabilities of our flagship anti-exploit software, SocketShield,” said Chris Weltzien, COO of Exploit Prevention Labs. “The service is extremely easy to use. Just enter the URL into the online form provided, and press Scan. It’s a great way to know for sure whether the web site you plan to visit is free from exploits.”

What are Exploits?
Exploits are malware applications that take advantage of security vulnerabilities in common software applications such as Windows operating systems and browsers. Unlike traditional malware, such as viruses or trojans that are usually created by thrill-seeking individuals trying to cause chaos, exploits are part of a growing category of malicious and frequently for-profit applications used by international criminal cyber gangs.

Most exploit infections occur by what’s known as a drive-by download, in which malicious code is force-downloaded onto a user’s computer without their knowledge. This occurs the moment the user visits a compromised web site, which may well appear completely innocuous. The payload, usually in the form of a rootkit, then exposes the user to damage from spyware, keyloggers, and other crimeware.

Many Internet users mistakenly believe as long as they’re not visiting pornographic or illegal file sharing sites, they’re safe from exploits. The truth, however, is that even trusted web sites cannot always be trusted.

Similar to the business model employed by spammers, the exploit distributors use a tiered distribution system, usually composed of a single master exploit server that controls a large network of servers hosting innocent-seeming web sites that in turn act as lures for unsuspecting visitors. Exploit Prevention Labs has discovered numerous exploit distribution networks in which up to 20,000 trusted and legitimate web sites had been hacked by cyber criminals who were using those sites to spread exploits.

When a surfer visits one of the sites, malicious code placed on the site silently connects to an exploit server operated by the criminals and attempts to deliver the drive-by download onto the user’s machine. If the web surfer is using an operating system or browser that is unpatched for the latest vulnerabilities, their machine is infected.

About LinkScanner and SocketShield
LinkScanner, a free online service, is Exploit Prevention Labs’ second anti-exploit product, and follows on the heels of the May release of SocketShield, the company’s flagship anti-exploit software for Windows. While initially available only on the Exploit Prevention Labs website, the company plans to make the service available through third-party sites offering complementary products and services.

LinkScanner is the first online applications to utilize Exploit Prevention Lab’s recently completed software development kit (SDK), which allows third party applications and web services to incorporate SocketShield functionality into their applications.

SocketShield is the industry’s first reliable solution to protect Internet users against the growing threat of zero-day and other crimeware exploits that target vulnerabilities in unpatched Windows applications.

SocketShield provides a critical layer of security that complements the defenses provided by traditional security solutions. Firewalls cannot stop exploits because exploits enter within the trusted communications stream of the user’s browser connection. Anti-virus and anti-spyware applications can’t protect against exploits because they must wait for the malware code to hit the hard disk in order to detect it, and by that time most exploits have already executed their payload. And effective patching relies on users ensuring that Windows is configured to install all necessary updates immediately on availability.

About Exploit Prevention Labs
Founded by information security veterans Bob Bales and Roger Thompson in 2005, Exploit Prevention Labs develops security software to protect against vulnerability exploits. SocketShield, the company's flagship product, provides patent-pending protection against zero-day exploits during the critical risk window between the announcement of a vulnerability and the provision of a patch by the vendor. More information about Exploit Prevention Labs and SocketShield may be found on the company's website at www.explabs.com.

Media Contact:
Kerry Swanson/Mark Coker
Dovetail Public Relations
408.395.3600
xpl@dovetailpr.com

 
Home  |  Products  |  Support  |  About Us  |  Privacy Policy  |  Affiliate Program
Copyright © 2008 Exploit Prevention Labs. All rights reserved.