
Return of Blackhole Shows Surging Popularity of Exploit Kits, Repurposing of Old Malware


Written by Sue Poremba
Nov 19, 2015

According to an article on ZDNet, one of the most popular exploit kits is coming back to life, even though its developer was arrested a couple of years ago. According to the article:

The Blackhole exploit kit was one of the most well-known kits available to cybercriminals on the web. Available to “rent” for up to $700 a month, the exploit kit contained Web-based vulnerabilities designed to deliver malware payloads of the buyer’s choice to compromised systems. . . . It might be several years later [after the arrest], but the exploit kit has been spotted in drive-by downloads on compromised websites.

Jerome Segura, senior researcher with Malwarebytes, discovered the resurgent exploit kit and told Info Security Magazine:

Although the exploits are old, there are probably still vulnerable computers out there who could get compromised. We also noticed that the author behind this Blackhole edition was working on new landing pages, so it is possible there might be additional changes in the future.

There are two important takeaways from this news.

First, the resurgence of Blackhole seems to be following a small trend of old pieces of malware making a return appearance. Last month, for instance, I reported on G DATA’s study that found that banking Trojans are on the rise for the first time in several years.

Second, Blackhole returned at the same time we’re seeing a huge jump in exploit kit activity. In its third-quarter DNS Threat Index, Infoblox reported that exploit kit activity jumped 75 percent during this period. The Index looks at the creation of malicious DNS, and this quarter it found that four kits in particular (Angler, Magnitude, Neutrino and Nuclear) were responsible for 96 percent of the activity. As Craig Sanderson, senior director of security products at Infoblox, explained in a prepared statement, exploit kits are behind some of the highest-profile attacks in recent months.

Also in a statement, Rod Rasmussen, chief technology officer at IID, added that exploit kits are constantly evolving to take advantage of newly discovered vulnerabilities and to avoid traditional security systems. That apparently also means taking old kits and bringing them back to life.

Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom’s Guide. You can reach Sue via Twitter: @sueporemba

Sue Poremba is a freelance writer based in Central PA. She's been writing about cybersecurity and technology trends since 2008.
