Blackhole dominates rival toolkits

Powered by SC Magazine
 

Blackhole booms.

Crimeware kits are losing market share to the Blackhole exploit kit.

According to AVG, the Blackhole toolkit was the toolkit of choice for cyber criminals in the first quarter of 2012, with its research showing that 70 per cent of attacks were performed by variants of Blackhole on average.

Blackhole's success was due to its sophistication as a polymorphic malware designed to bypass anti-virus systems, according to AVG.

AVG chief technology officer Yuval Ben-Itzhak said the use of Blackhole was consistent into 2012 from 2011 and had been dominant for the past two years.

“The Blackhole team are very accurate to update the kit with the latest exploits to offer malware and encryption and obfuscation to escape anti-virus," Ben-Itzhak said.

He said criminals had supplied the toolkit to users through a successful service model.

“To use it, you subscribe by providing your credentials and install Blackhole on servers, then you infect users who visit the servers. We are seeing them compromise legitimate websites, exploiting platforms such as WordPress -- we think of this like an affiliate network.”

The recent 2011 top cyber security risks report from HP's Tipping Point labs said that Blackhole's popularity had grown exponentially, while other new kits, such as Sakura Pack, Yang Pack and Siberia, emerged with exploits for many recent vulnerabilities.

It also claimed that instances of compromised sites serving and redirecting to Blackhole sites over the past year grew dramatically.

It still achieved better infection rates compared to rival toolkits in 2011, despite that it used old since-patched bugs.

Webroot security blogger Dancho Danchev said Blackhole was the most popular exploit kit as it offered encrypted malware, Javascript and iframe codes.

“They run it against the anti-virus engine and say ‘obfuscate it and the detection rate decreases',” he said.

“Personally I think the creators are one step ahead of the industry and aware of the latest technology.”

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, UK edition


Blackhole dominates rival toolkits
 
 
 
Top Stories
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
Telstra hands over copper, HFC in new $11bn NBN deal
Value of 2011 deal remains intact.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1781

Vote
Do you support the abolition of the Office of the Information Commissioner?