[prev in list] [next in list] [prev in thread] [next in thread] 

List:       isn
Subject:    [ISN] Blackhole Exploit Kit Makes a Comeback
From:       InfoSec News <alerts () infosecnews ! org>
Date:       2015-11-20 13:32:05
Message-ID: alpine.DEB.2.02.1511201331530.32559 () infosecnews ! org
[Download RAW message or body]

http://www.eweek.com/security/blackhole-exploit-kit-makes-a-comeback.html

By Robert Lemos
eWEEK.com
2015-11-19

The once-popular Blackhole exploit kit has returned, attempting to infect 
using old exploits but also showing signs of active development, according 
to researchers with security firm Malwarebytes.

Over the weekend, Malwarebytes detected attacks using older exploits for 
Oracle's Java and Adobe's Acrobat, but which attempted to deliver recently 
compiled malware. When Malwarebytes investigated, it found, behind the 
attacks, a poorly secured server that had Blackhole installed on it.

The return of Blackhole suggests that cyber-criminals may be reusing the 
code, which was leaked in 2011, Jérôme Segura, senior security researcher 
for Malwarebytes Labs, told eWEEK.

"Blackhole was well-written, and we have seen in the past, like with Zeus, 
that a lot of criminals do not reinvent the wheel," he said. "They will 
use older infrastructure and build on top of it."

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/

[prev in list] [next in list] [prev in thread] [next in thread]