![]() ![]() ![]() The following two techniques are used by Blackhole: Compromised web pages. Blackhole is yet another web exploit kit developed by Russian hackers. The PHP scripts are all protected with the commercial ionCube encoder. The kit consists of a series of PHP scripts designed to run on a web server. There are several ways in which this can be achieved. There are several versions of Blackhole exploit kit, the first being v1.0.0 (released in late 2010), and most recent being v1.2.2 (released February 2012). The price for the Neutrino Exploit Kit has been increased for non-Russian customers to $10,000/month on a dedicated server, Kafeine said Tuesday on Twitter. 2.3.1 Controlling user web traffic As with all attacks using exploit kits, the first requirement is for the attacker to guide the user’s browser to the exploit site. It seems that other exploit kit creators might already be reacting. What combinations of these scenarios will happen remains to be seen, he said. It can disappear, it can be replaced by other exploit kits or its development can be taken over by others. ![]() There are several things that can happen to Blackhole now that its developer has been arrested, Gostev said. It is sold or rented on the underground market by its creators and is frequently updated to make the exploits harder to detect.Īn independent malware researcher who uses the online alias Kafeine said Monday on Twitter that the Blackhole and Cool Exploit Kit, a more expensive exploit toolkit also created by Paunch, have been frozen for over three days and haven't been updated. Attackers redirect users from compromised websites to Blackhole landing pages hosted on malicious servers in order to install malware on computers running vulnerable software.īlackhole has been around for years and is probably the most popular exploit kit among cybercriminals. The Blackhole Exploit Kit is essentially a Web application designed to exploit vulnerabilities in Web browsers or other software that's accessible from the Web through browser plug-ins, such as Java, Adobe Reader and Flash Player. Kaspersky's Gostev said via email that he learned about the arrest from a trusted source who also wished to remain anonymous. The EC3 cannot confirm any other details including the suspect's name or his activities, and Pedersen referred all other questions to the Russian authorities. The European Cybercrime Centre (EC3) has been informed that a high-level cybercrime suspect has been arrested in Russia, Europol spokesman Soren Pedersen said Tuesday. Because the investigation is ongoing, the source declined to share additional information. However, a source familiar with the investigation who requested anonymity confirmed that the creator of Blackhole, a person who uses the online identity "Paunch," has been arrested by the Russian authorities. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |