Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Submission + - Blackhole Exploit Kit Gets an Upgrade (securityweek.com)

wiredmikey writes: The popular Blackhole exploit kit, assumed to be created and maintained by an individual going by the online moniker of “Paunch" who continuously updates the browser exploit software, looks like it has just received another upgrade.

The exploit works by infecting a user when they visit a Blackhole-infected site, and their browser runs the JavaScript code, usually via a hidden iframe. If the location or URL for the malicious iframe changes or is taken down, all of the compromised sites will have to be updated to point to this new location, making it hard for the attackers. To deal with this, the Blackhole JavaScript code on compromised sites now dynamically generates pseudo-random domains, based on the date and other information, and then creates an iframe pointing to the generated domain

Moreover, the kit’s recent upgrade also added a new attack. According to Sophos, sometime in early June Blackhole was updated to include an attack that targets a flaw in Microsoft’s XML Core Services, which remains unpatched.

Unfortunately, the changes prove once again that the criminal economy online is alive and well. Ironically, the work Paunch is doing possibly isn’t technically illegal in and of itself, as he’s simply writing software that others then buy or rent to actually hack victims’ computers and steal from them

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Blackhole Exploit Kit Gets an Upgrade

Comments Filter:

A man is known by the company he organizes. -- Ambrose Bierce