Blackhole exploit kit v2 on the rise
Jump to navigation
Jump to search
(Publication) Google search: [1]
| Blackhole exploit kit v2 on the rise | |
|---|---|
| Botnet | |
| Malware | |
| Botnet/malware group | |
| Exploit kits | Blackhole |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2012 / 2012-10-19 |
| Editor/Conference | Zscaler |
| Link | http://research.zscaler.com/2012/10/blackhole-exploit-kit-v2-on-rise.html (Archive copy) |
| Author | Pradeep Kulkarni |
| Type | |
Abstract
“ Some of key enhancements include:
- The URL format is dynamic in nature. It does not follow a particular pattern as the version 1.0 URLs did.
- Now executables delivered with malicious content are also protected from multiple downloads.
Heavy obfuscation of the code continues as it had in the prior version. Like the Blackhole Exploit Kit v1, v2 also continues to target the known vulnerabilities in Internet Explorer (IE), Adobe and Java. A sample of raw Blackhole exploit kit v2 can be seen from the following recent infection:
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1189,
editor = {Zscaler},
author = {Pradeep Kulkarni},
title = {Blackhole exploit kit v2 on the rise},
date = {19},
month = Oct,
year = {2012},
howpublished = {\url{http://research.zscaler.com/2012/10/blackhole-exploit-kit-v2-on-rise.html}},
}