Security software maker Sophos reported that they found a site selling a spyware kit, WebAttacker, for $15. The kit comes with technical support and includes scripts that help automate the establishment of malicious Web sites. Intruders then send out mass mail inviting people to visit the site under various pretenses. When a person does visit then scripts try to infect the visitor's computer with a Trojan using a number of known vulnerabilities. The Trojan is typically designed to steal passwords and banking information, or log keystrokes. A Russian website is selling a spyware kit, called WebAttacker, for approximately ten pounds sterling. The website, which refers to its creators as spyware and adware developers, markets the strengths of its kits, makes the kits available for online purchase and offers technical support to its buyers.

JavaScript code on the infected websites detects the visiting computer's browser version and operating system, including any installed patches, and launches the most appropriate exploit. The exploit downloads a program that attempts to turn off the firewall and install malware, generally a password stealer, keylogger or a banking Trojan.This type of behaviour is inviting the return of script-kiddies," said Carole Theriault, senior security consultant at Sophos. "By simplifying the task of the potential hacker for a mere tenner, sites like this one will attract opportunists who aren't necessarily very skilled and turn them into cyber-criminals."