Blackhole exploit kit dominates the market

Ken Dunham iSIGHT Partners
Shane Hartman iSIGHT Partners

Blackhole is one of the most common exploit frameworks used within the e-crime marketplace in 2012. It began with development and deployment as far back as 2010. Over time, it has proven to meet the right price point, of about $1,500, with various options for semi-annual licences and more. The authors of the kit also have continued development to make it a very effective and robust exploit framework. Payload management is included for Windows, Macintosh and Linux operating systems. It also includes an intelligent Traffic Direction Script (TDS), blacklisting capabilities, obfuscation and randomization, and customization options for custom rules.

This presentation will cover:

  • Introduction to the Blackhole exploit kit, its origins, pricing models, and timeline of important events.
  • Introduction to recent incidents involving the Blackhole exploit kit and the payloads and abuse that were related.
  • Visual introduction to what the kit looks like to an actor using the kit that successfully launched a campaign or attack of interest.
  • Analysis of exploit vectors and functionality components of the kit and how it compares overall to other kits within the e-crime marketplace.
  • Trends and take-aways based upon how Blackhole has impacted the criminal market and how it has impacted and will likely impact framework marketplace dynamics going forth.



twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.