Fast look at an infection by a Blackhole Exploit Kit 2.0
Jump to navigation
Jump to search
(Publication) Google search: [1]
| Fast look at an infection by a Blackhole Exploit Kit 2.0 | |
|---|---|
| |
| Botnet | |
| Malware | |
| Botnet/malware group | |
| Exploit kits | Blackhole |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2012 / 2012-09-13 |
| Editor/Conference | |
| Link | http://malware.dontneedcoffee.com/2012/09/BHEK2.0landing.html (Archive copy) |
| Author | Kafeine |
| Type | |
Abstract
“ If you didn't know that Blackhole Exploit Kit has been rewritten to version 2.0 take a look at this post
All files here : http://kafeine.minus.com/mbkP1Nl0bC
Goal of this post : show how an infection via the new version of Blackhole looks like. Forget the main.php?page=0123456789abcdef and variants it's (almost) over now.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1248,
editor = {},
author = {Kafeine},
title = {Fast look at an infection by a Blackhole Exploit Kit 2.0},
date = {13},
month = Sep,
year = {2012},
howpublished = {\url{http://malware.dontneedcoffee.com/2012/09/BHEK2.0landing.html}},
}