The Blackhole exploit kit first reared its head in late 2010. Since then it’s grown to be one of the most notorious exploit kits ever seen.
In this technical paper, “Exploring the Blackhole Exploit Kit”, SophosLabs’ Fraser Howard lifts the lid on Blackhole.
He describes in detail how it works and the various files used to exploit machines and infect them with malware.
Fraser discusses how the kit has become so successful by uncovering and explaining the tricks used by Blackhole.
From how a user’s web traffic is controlled to how the attackers attempt to evade detection, the paper offers a great insight into how Blackhole works.
Blackhole image, courtesy of Shutterstock