Bidvert-advert

Stay Update - ICT Security

Enter your email address:

We hate spam as much as you do and we will never sell, barter, or rent your email address to any unauthorized third party.

Most Frequently Used Software


CURL / XPertMailer / AutoBlogger / (Parser - PHP Simple HTML DOM)

lunedì 30 aprile 2012

Use of Blackhole continues to extend in 2012

Crimeware kits are losing market share to the Blackhole exploit kit.

According to AVG, the Blackhole toolkit was the toolkit of choice for cyber criminals within the first quarter of 2012, with its research showing that 70 per cent of attacks were performed by variants of Blackhole on average.

A sophisticated and strong exploit kit, mainly caused by its polymorphic nature and its code being deeply concealed to evade detection by anti-malware solutions, Blackhole therefore has a high success rate, said AVG.

Yuval Ben-Itzhak, CTO of AVG, told SC Magazine that using Blackhole was consistent into 2012 from 2011 and were dominant for the past two years.

He said: “The Blackhole team are very accurate to update the kit with the most recent exploits to provide malware and encryption and obfuscation to flee anti-virus. They're supplying the toolkit to others because the model is a safety subscription to the toolkit.

“This isn't the first time we're seeing this, but what we saw in 2008 was not as successful and the Blackhole team has followed from there.

“To use it, you subscribe by providing your credentials and install Blackhole on servers. You then infect users who visit the servers. We're seeing them compromise legitimate websites, exploiting platforms akin to WordPress. We expect of this like an affiliate network, it's totally similar.”

The recent 2011 top cyber security risks report from HP's Tipping Point labs said that Blackhole's popularity appears growing exponentially, and other new kits, which includes Sakura Pack, Yang Pack and Siberia, have emerged with exploits for a lot of recent vulnerabilities.

It also claimed that instances of compromised sites serving and/or redirecting to Blackhole sites during the last year grew dramatically, but despite using known, patched bugs from 2010 and before, it still achieved infection rates resembling or better than other exploit kits tracked by HP DVLabs earlier in 2011.

Webroot security blogger Dancho Danchev said Blackhole is the most well-liked exploit kit because it offers encrypted malware and Javascript and iframe codes, and the creators have copies of anti-virus engines.

“They run it against the anti-virus engine and say ‘obfuscate it and the detection rate decreases',” he said.

“Personally i believe the creators are one step prior to the industry and acquainted with the newest technology.”



Pubblicato da alle 05:00

Nessun commento:

Posta un commento

Comments links could be nofollow free

Iscriviti a: Commenti sul post (Atom)