BlackHole 2.0 gives hackers stealthier ways to pwn

09-12-12, 08:00 PM
A new version of the BlackHole exploit kit (http://arstechnica.com/business/2012/01/blackhole-dominates-web-malware-attacks-says-sophos/) is now out on the web and ready to start infecting. The developer of the toolkit, who goes by the handle "Paunch," recently announced the availability of Blackhole 2.0, which removes much of its trove of known and patched exploits, and replaces them with a whole new crop, along with features that will make it harder for antivirus companies and site owners to detect trouble.

BlackHole is a widely-used, web-based software package which includes a collection of tools to take advantage of security holes in web browsers to download viruses, botnet trojans, and other forms of nastiness to the computers of unsuspecting victims. The exploit kit is offered both as a "licensed" software product for the intrepid malware server operator and as malware-as-a-service by the author off his own server.

The announcement for the new version (http://malware.dontneedcoffee.com/2012/09/blackhole2.0.html) (translated on the Malware Don't Need Coffee weblog from the original Russian, with the help of Google Translate), which Threatpost reports (http://threatpost.com/en_us/blogs/black-hole-exploit-kit-20-released-091212), was initially posted on the underground hacker marketplace site Exploit.ln, promises a number of new features to make it harder for antivirus software to detect and defend against exploit attacks. One of those is a random URL generation system that creates single-use web addresses for attacks that last only as long as a specific attack on a target computer. Random URLs are intended to prevent antivirus companies or security professionals from using the link to download the exploit for analysis.

Read 4 remaining paragraphs (http://arstechnica.com/security/2012/09/blackhole-2-0-gives-hackers-stealthier-ways-to-pwn/)
