Websense to unveil "honeyjax" malware tools at Defcon

Just as honeypots have long been used to attract samples of the latest malware code floating around the Web, researchers with filtering specialist Websense plan to unveil a new set of tools dubbed honeyjax that promise to reach out across the Internet to seek out the latest social engineering attacks.

Meant to serve as a magnet for malware and scams leveled at so-called Web 2.0 applications and programming techniques, honeyjax instead uses active client software to seek out malware, phishing kits and other threats, said Dan Hubbard, vice president of security research at Websense.

Hubbard will detail the tools in a presentation at the Defcon hacker conference at the Riviera hotel in Las Vegas on Sunday.

Also tagged with the product name Threatseeker, the tools have been used by Websense over the last year to unearth malware and scams being carried out on sites that utilize user-driven content — such as MySpace — and applications built using emerging programming techniques such as AJAX, he said.


Leave a Reply