Malware Hackers Get Dangerously Shifty With Black Hole 2.0 - HotHardware

Well here's a bit of a bummer going into the weekend. Apparently the developer responsible for the popular Black Hole exploit kit -- the one that lazy hackers and inexperienced script kiddies are particularly drawn towards -- has released a new version of his nefarious software, with new and improved features designed to evade antivirus scanners. Oh joy.

Black Hole is popular because it's relatively easy to use no matter what the attacker's skill level, and because it's capable of exploiting a number of vulnerabilities. According to security firm Kaspersky, pretty much any backwoods hackabilly can wield Black Hole like a pro and wreak havoc with just a few mouse clicks.

Now is a good time to brush up on your safe computing habits. One of the many new features in Black Hole 2.0 is the ability to use short-term random URLs for delivering exploits.

"Attackers often will compromise legitimate Web sites via SQL injection or some other common method and load their malicious code on the sites and rig it to attack users' browsers with specific exploits as they hit the site," Kaspersky explains. "One problem with this technique from the attacker's point of view is that if the compromised page is detected or removed for some other reason, the attack dies.

"Enter random domain generation. This feature will generate a new, random URL for the attacker's code to live on, sometimes with a shelf life of just a few seconds. This makes detection of malicious pages far more difficult for site owners and security companies."

Sandboxie runs your programs in an isolated environment (called a "sandbox") to prevent malicious programs from making permanent changes to your PC.

Scary stuff, and it's only one of Black Hole's many new tricks (Protip: Use Sandboxie to run your browser and/or other programs in an isolated environment without the hassle of setting up a virtual machine). The software also casts a wider net by adding more operating systems to the mix, including Windows 8 and a bunch of mobile OSes.
+ -

It will never stop. AV companies will ~always~ be playing catch-up to the latest exploits.

+ -

Deepfreeze from Faronics, $35 for a personal license.

Oh, what's this? My computer has 35 bajillion viruses, malware, rootkits, and/or is otherwise totally screwed? Meh, whatever, just reboot. Only the hardcore of the hardcore hackers could even begin to infect a system with DF. Seriously, any teenyhackers that exist will seriously rage at you if you can circumvent their "1334" coding skills with a reboot.

Btw, it's also great for testing out unknown software and even developing programs, as you always reboot into a fresh install.
