Technical paper: Learn about the Blackhole exploit kit

Filed Under: Malware, Vulnerability

The Blackhole exploit kit first reared its head in late 2010. Since then it's grown to be one of the most notorious exploit kits ever seen.

In this technical paper, "Exploring the Blackhole Exploit Kit", SophosLabs' Fraser Howard lifts the lid on Blackhole.

He describes in detail how it works and the various files used to exploit machines and infect them with malware.

Fraser discusses how the kit has become so successful by uncovering and explaining the tricks used by Blackhole.

From how a user's web traffic is controlled to how the attackers attempt to evade detection, the paper offers a great insight into how Blackhole works.

Read: Exploring the Blackhole exploit kit

Blackhole image, courtesy of Shutterstock


3 Responses to Technical paper: Learn about the Blackhole exploit kit

  1. Scott · 938 days ago

    Excellent write-up. I'd be interested to know how users pay for the exploit kit. I would think they could follow the money to find its creators/operators. Do they only accept bitcoins or Liberty Reserve or something similar?

  2. Roy · 935 days ago

    Nice analysis of the tool. I would like to ask a question: in most of the security blogs, discussion is going on that the Blackhole tool is being used to exploit the vulnerability mentioned in CVE-2012-0507. Is it correct?

    Reference: http://krebsonsecurity.com/tag/cve-2012-0507/

  3. c_b · 911 days ago

    This was very helpful for a quick primer on BH. Thanks for making this available.


About the author

Anna Brading is Naked Security's editor. She has worked in tech for more than ten years and as a writer with Sophos for over five. She's interested in social media, privacy and keeping people safe online.