Blackhole: cybercrime toolkit of choice

Not only is global cybercrime so well organised that malware toolkits are sold with technical support, there's now a clear toolkit of choice: Blackhole.

Not only is global cybercrime so well organised that malware toolkits are sold with technical support, there's now a clear toolkit of choice: Blackhole.

According to M86 Security Labs' recap report for July-December 2011 (PDF), 95 per cent of attacks are now conducted using a version of Blackhole.

As Jason Pearce, M86's sales engineering director for the Asia-Pacific region, explains on this week's Patch Monday podcast, that's because Blackhole is easy to use, is updated regularly and has a high success rate.

Blackhole upgrades and support are relatively expensive, but older versions can be downloaded for free, and the supposedly out-of-date exploits are still effective against poorly maintained systems.

"Some of the vulnerabilities that are part of the toolkit are as old as 2002 [or] 2003, so it points to a big problem," Pearce said: many users and organisations still aren't patching their machines.

Pearce also dismisses many of the claims that attacks are perpetrated by or targeted at nation states and their intelligence agencies as "conspiracy theories", and suggests that all the attention paid to the attacks credited to Anonymous could be a dangerous distraction.

"They're doing other criminal entities a bit of a favour at the moment by, you know, taking the pressure off them," he said.

To leave an audio comment on the program, Skype to stilgherrian, or phone (02) 8011 3733.

Running time: 32 minutes, 02 seconds

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All