BlackHole 2.0: Criminals take to the cloud
The exploit toolkit has a graphical admin interface - this is the UI from version 1 of BlackHole
The BlackHole developers are unleashing a new version of their exploit toolkit on the net. With BlackHole 2.0, the software has been "rewritten from scratch", say the unknown developers in a Russian-language release announcement on Pastebin. In their posting, they advertise new features such as temporary exploit URLs that are only valid for a few seconds, making them harder to analyse.
BlackHole is one of the most dominant exploit toolkits currently available in the underground market. It enables attackers to exploit security holes in order to install malicious software on victim's systems. In the case of a well known Java hole earlier this year, the BlackHole developers had already created a suitable exploit module even before Oracle released a patch to fix the problem.
The exploit toolkit's entry barriers aren't particularly high – all you need is criminal intent and money. The toolkit can now even be rented for a $50 a day and will then run on a server that is owned by the BlackHole team. The annual licence fee for criminals who use their own servers is $1,500.
See also:
- Professional exploit packs freely available online, a report from The H.
(crve)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
