Reveton ransomware switches exploit kits from BlackHole to WhiteHole

But author's arrest to have a 'negligible impact' on the black market.

Criminals were already moving to other exploit kits soon after the arrest of the author of the infamous BlackHole crimeware kit.

Reveton ransomware was one of the first to move from BlackHole to a newer exploit kit, WhiteHole, which emerged on researchers' radars in February.

European Cybercrime Centre head Troels Oerting confirmed the arrest of BlackHole's developer, Paunch.

Criminals spread Reveton via crimeware kits by exploiting vulnerable software on users' machines. 

Dell SecureWorks director of security strategy Jeff Williams said that criminals will likely continue to package other exploit kits with BlackHole threats.

“My presumption is that criminals will move to some of these other kits, but I think it's also kind of a warning shot to know that law enforcement are looking actively to keep the perpetrators from carrying out their crimes,” Williams said.

Team Cymru director of security research Steve Santorelli said that the arrest was liable to have a negligible impact on the black market due to the fast-moving nature of the exploit business.

“As ubiquitous as [BlackHole] once was – and many new cyber criminals cut their teeth on it and made a lot of money from it – it's last year's technology. In cyber crime terms, that might as well be last century,” he wrote.

Already this month, criminals have turned to easy-to-use toolkits, like Neutrino, Glazunov and Sibhost, he said.

“They thrive because they are so easy to configure and deploy,” Santorelli said. “They often have good help pages, great and fast technical support and a low price point with regular updates. You don't need to know what's under the hood to drive them, and that's why they are so dangerous.”

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition