Technical paper: Deeper inside the Blackhole exploit kit

Technical Paper: Inside a Black Hole (part 2)

Paper hole. Image from ShutterstockReaders following the developments of Blackhole, the most prolific exploit kit throughout 2012, will be interested in the second and concluding part of the technical paper which is now published.

In part one, SophosLabs expert Gabor Szappanos took us through the server-side code, providing a general understanding of how the Blackhole exploit kit operates.

In this latest paper, he takes a deeper look at the server-side operation of the kit, including details of the functions used in targeting client-side exploits.

The paper also includes some excellent data on the top payloads being served-up by the Blackhole exploit kit during the period of research.

Blackhole payload breakdown

I would urge interested readers to take a look through the concluding part of this technical research – it’s an ideal way to equip yourselves with an understanding of how such kits are being used to infect users with malware.

Read now: “Inside a Black Hole – Part 2”

Torn paper hole image from Shutterstock.