BlackHole Exploit Kit Gets New Domain-Generation Algorithm

Nothing is more frustrating than spending days or weeks compromising dozens of Web sites and setting up your network of malicious redirects and then finding out that someone has screwed it all up by taking down one of your infected sites. Luckily, the crew behind the BlackHole exploit kit has...

Updated Blackhole Exploit Kit Uses Random Domain Generation

An updated version of the Blackhole Exploit Kit appears to now offer an emerging technique to boost infection and redirection rates: a pseudo-random domain generator. The automation feature was discussed this week in a blog post by Symantec security researcher Nick Johnston, in which he outlined...

New Exploit Kit RedKit Discovered in Wild

A new exploit kit hit the scene recently, and according to Arseny Levin of Spiderlabs, the RedKit exploit kit contains an API that generates new host-site URLs every hour. The authors of the kit haven’t named it, so Levin and Spiderlabs simply chose to call it RedKit in reference to its color...

RedKit Exploit Kit : New web malware exploitation pack

RedKit Exploit Kit : New web malware exploitation pack Trustwave researchers have spotted a new exploit kit called "RedKit Exploit Kit" that being used in the wild is aiming to enter a market that is practically monopolized by the widely famous BlackHole and Phoenix exploit kits. In actual, The n...

US Airways Spam Redirects to Blackhole, Zeus Infection

Cybercriminals are targeting US Airways customers with malicious spam emails containing a link that, once clicked, initiates a series of redirects, eventually leading users to a domain hosting the Blackhole exploit kit. The fraudulent email presents itself as a check-in notification from US...

New Java Exploits boosts BlackHole exploit kit

New Java Exploits boosts BlackHole exploit kit A widely disseminated exploit kit popular with hackers has been updated to take advantage of a recently discovered Java vulnerability. Researchers at Microsoft reported last week that it had observed this vulnerability being exploited in the wild. Th...

Leak Site Cryptome.org Hacked, Running Blackhole Exploit Kit

The Web site of information leak site Cryptome was compromised earlier this month and infected with the Blackhole exploit kit, according to documents posted on the site. The site, which posts a wide range of open source intelligence and leaked documents, was compromised on February 8 and had its...

Attackers Using Fake Google Analytics Code to Redirect Users to Black Hole Exploit Kit

Injecting malicious code into the HTML used on legitimate Web sites is a key part of the infection lifecycle for many attack crews, and they often disguise and obfuscate their code to make it more difficult to analyze or so it appears to be legitimate code. The latest instance of this technique h...

Blackhole Exploit Kit's Dominance On Infected Hosts Could Push Rivals To the Cloud

The Blackhole exploit kit has a near monopoly on infected Web pages, according to Web security firm M86’s latest Security Labs Report, issued today. PDF The bi-annual report, which covers the last half of 2011, July to December, describe Blackhole as the source of a whopping 95 percent of all the...

Massive Compromise of WordPress Sites Leads To Phoenix Exploit Kit

Researchers at the security firm M86 report that hackers have compromised hundreds of Web sites that use the WordPress content management system. The sites, mostly small Web pages and blogs, are being used to fool spam filters and redirect unwitting visitors to drive by download Websites that wil...

Carberp and Black Hole Exploit Kit Wreaking Havoc

The Black Hole exploit kit and the Carberp Trojan have a lovely, symbiotic relationship and they’ve recently decided to take that relationship to the next level. In the last month, there has a been a major spike in the volume of Carberp infections related to attacks from sites hosting Black Hole,...

New Java Vulnerability Coming Bundled With Exploit Kits

A recently discovered Java vulnerability that’s been circulating throughout the hacking underground has begun to show up alongside the BlackHole exploit kit, according to a post on Brian Krebs’ KrebsonSecurity blog. The National Vulnerability Database claims the vulnerability is found in the Java...

Blackhole Exploit Kit attack on WampServer & Wordpress sites

Blackhole Exploit Kit attack on WampServer & Wordpress sites Kimberly from Stopmalvertising found Blackhole Exploit Kit on Website of most popular Webserver software site WAMPSERVER. Almost at the bottom of the webpage they notice a Javascript requesting a file from jquery.googlecode.com. The URL...

Blackhole Exploit Kit attack on WampServer & Wordpress sites

Blackhole Exploit Kit attack on WampServer & Wordpress sites Kimberly from Stopmalvertising found Blackhole Exploit Kit on Website of most popular Webserver software site WAMPSERVER. Almost at the bottom of the webpage they notice a Javascript requesting a file from jquery.googlecode.com. The URL...

Compromised WordPress Sites Redirecting to Black Hole Exploit Kit Servers

The Black Hole exploit kit is really becoming a serious pain in the neck for people trying to use the Internet. At some point, it may become easier to start a list of the URLs that aren’t hosting the exploit kit, rather than the ones that are. For the time being, the latest entry in the latter...

New 'Nice Pack' Exploit Kit Found, Thousands of Owned Sites Redirecting Users to Attack Site

A new exploit pack has appeared on the scene in the last week or so and it already is causing trouble for users, with thousands of compromised Web sites redirecting users to a page that is hosting the pack and exploiting vulnerabilities on their machines to install malware. The attackers behind t...

Phoenix Exploit's Kit 2.8 mini version

Phoenix Exploit's Kit 2.8 mini version Back in April of this year, we reported the leak of Phoenix Exploit Kit 2.5. The version currently in circulation is 2.8, and despite its lower activity for the last half of this year, it remains one of the preferred exploit packs used by cyber-criminals. In...

Phoenix Exploit's Kit 2.8 mini version

Phoenix Exploit's Kit 2.8 mini version Back in April of this year, we reported the leak of Phoenix Exploit Kit 2.5. The version currently in circulation is 2.8, and despite its lower activity for the last half of this year, it remains one of the preferred exploit packs used by cyber-criminals. In...

SEO Poisoning Campaign Infecting Users With Black Hole Exploit Kit

Researchers have found a new black hat SEO campaign that is being used to redirect users to links that will install the Black Hole exploit kit. The attack is based on searches for, of all things, Shia Labeouf, and leads users through a forest of redirects before plopping them on the compromised...

Black Hole Exploit Kit Available for Free

Just a couple of weeks after the source code for the Zeus crimeware kit turned up on the Web, the Black Hole exploit kit now appears to be available for download for free, as well. Black Hole normally sells for $1,500 for an annual license, and is one of the more powerful attack toolkits on the...