Blackhole exploits a major problem in OctoberNovember 19, 2012 – 9:52 AM
Blackhole, says Christopher Boyd, senior threat researcher at GFI Software, “is the chameleon of internet threats. It simplifies the process of creating cybercrime campaigns and is easily adapted to take advantage of the buzz surrounding major news events and popular brands.” It is also easily adapted to target specific users or specific companies with specific malware.
Blackhole campaigns are consequently frequently based around spam emails seeking to socially engineer the target into visiting the malicious landing page. Newsworthy topics, or subjects of interest to a large number of users are often used. This happened in October. Just prior to the release of Windows 8, some users received an email offering a free license. But, comments GFI, “Users who clicked the malicious link and downloaded the accompanying file were hit with a Blackhole exploit and infected with a Cridex Trojan” rather than a free copy of Windows 8.
Skype, the chat and VOIP firm now part of Microsoft, was also used. Statistic Brain reports that there were 31 million Skype users in January 2012; Skype itself now says that at peak times it has 40 million users online. According to GFI, Skype was used as the basis for numerous malicious campaigns in October. One that led to a Blackhole site comprised emails purporting to be Skype voicemail notifications – but instead delivered a Zeus trojan.