In association with heise online

13 September 2012, 10:07

BlackHole 2.0: Criminals take to the cloud

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Zoom The exploit toolkit has a graphical admin interface - this is the UI from version 1 of BlackHole
The BlackHole developers are unleashing a new version of their exploit toolkit on the net. With BlackHole 2.0, the software has been "rewritten from scratch", say the unknown developers in a Russian-language release announcement on Pastebin. In their posting, they advertise new features such as temporary exploit URLs that are only valid for a few seconds, making them harder to analyse.

BlackHole is one of the most dominant exploit toolkits currently available in the underground market. It enables attackers to exploit security holes in order to install malicious software on victim's systems. In the case of a well known Java hole earlier this year, the BlackHole developers had already created a suitable exploit module even before Oracle released a patch to fix the problem.

The exploit toolkit's entry barriers aren't particularly high – all you need is criminal intent and money. The toolkit can now even be rented for a $50 a day and will then run on a server that is owned by the BlackHole team. The annual licence fee for criminals who use their own servers is $1,500.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit