The Blackhole exploit kit was, as of 2012, the most prevalent web threat, where 29% of all web threats detected by Sophos and 91% by AVG are due to this exploit kit. [1] Its purpose is to deliver a malicious payload to a victim's computer. [2] According to Trend Micro the majority of infections due to this exploit kit were done in a series of high volume spam runs. [3] The kit incorporates tracking mechanisms so that people maintaining the kit know considerable information about the victims arriving at the kit's landing page. The information tracked includes the victim's country, operating system, browser and which piece of software on the victim's computer was exploited. These details are shown in the kit's user interface. [4]
Blackhole exploit kit was released on "Malwox", an underground Russian hacking forum. It made its first appearance in 2010. [5]
The supposedly Russian creators use the names "HodLuM" and "Paunch". It was reported on October 7, 2013 that "Paunch" had been arrested. [6]
Dmitry "Paunch" Fedotov was sentenced to seven years in a Russian penal colony on April 12, 2016. [7]
A typical defensive posture against this and other advanced malware includes, at a minimum, each of the following:
The Blackhole exploit kit was, as of 2012, the most prevalent web threat, where 29% of all web threats detected by Sophos and 91% by AVG are due to this exploit kit. [1] Its purpose is to deliver a malicious payload to a victim's computer. [2] According to Trend Micro the majority of infections due to this exploit kit were done in a series of high volume spam runs. [3] The kit incorporates tracking mechanisms so that people maintaining the kit know considerable information about the victims arriving at the kit's landing page. The information tracked includes the victim's country, operating system, browser and which piece of software on the victim's computer was exploited. These details are shown in the kit's user interface. [4]
Blackhole exploit kit was released on "Malwox", an underground Russian hacking forum. It made its first appearance in 2010. [5]
The supposedly Russian creators use the names "HodLuM" and "Paunch". It was reported on October 7, 2013 that "Paunch" had been arrested. [6]
Dmitry "Paunch" Fedotov was sentenced to seven years in a Russian penal colony on April 12, 2016. [7]
A typical defensive posture against this and other advanced malware includes, at a minimum, each of the following: