Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"Blast from the Past: Blackhole Exploit Kit Resurfaces in Live Attacks", MBAM


  • Please log in to reply
1 reply to this topic

#1 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,677 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:17 PM

Posted 19 November 2015 - 11:58 AM

The year is 2015 and a threat actor is using the defunct Blackhole exploit kit in active drive-by download campaigns via compromised websites.

We noticed Java and PDF exploits collected by our honeypot which we havent seen in ages. Looking closer at the structure of this attack, we were surprised when we realized this was the infamous Blackhole.


Source: Blast from the Past: Blackhole Exploit Kit Resurfaces in Live Attacks

Other article(s):
Blackhole's back: Hated exploit kit returns from the dead

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


BC AdBot (Login to Remove)

 


#2 TheJokerz

TheJokerz

  • Members
  • 287 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:11:17 PM

Posted 19 November 2015 - 12:24 PM

Interesting!


utl8q0-5.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users