Blackhole Comes Back to Haunt; Java and Acrobat Become the First Victims
FREMONT, CA: The Blackhole exploit kit, once popular among cyber-criminals, has made a return. According to researchers at security firm Malwarebytes, Blackhole is attempting to infect systems with old exploits, a sign that the kit is still evolving.
Malwarebytes observed attacks using older exploits for Oracle's Java and Adobe's Acrobat, and on further investigation found that a poorly secured server had Blackhole installed on it. Recalling the code leaked in 2011, the research firm observes that the code is being reused by cyber-criminals. "Blackhole was well-written, and we have seen in the past, like with Zeus, that a lot of criminals do not reinvent the wheel. They will use older infrastructure and build on top of it," says Jérôme Segura, Senior Security Researcher, Malwarebytes Labs.
The 2011 release of code for both the Zeus cyber-crime kit and the Blackhole exploit kit gave criminals a common software platform on which to establish new methods. In 2013, Russian authorities arrested the author of the Blackhole exploit kit. Even after the arrest, the exploit kit continued to find users, but it slowly became outdated. The notorious kit mainly consisted of exploits for Web-based vulnerabilities, tailor-made to deliver malware payloads of the buyer's choice to compromised systems. The latest findings from Malwarebytes show that Blackhole's original malware payload has been modified a little, but the kit basically runs on the same exploits. Nevertheless, the future of Blackhole cannot be decided as yet.
"It may be a trap designed to track down honeypots, which typically have lowered security settings and would not get updated as often as consumer machines," Segura continues. "If that were the case, their goal would be to identify security crawlers and scanners and add them to a blacklist."