Wednesday, November 20, 2019

Blackhole Exploit Kit

The Blackhole exploit kit can deliver various malware depending on the operating system and geographical location of the victim, or depending on the time of day or other criteria that the attacker has identified (Howard, 2012). Often, a user would visit a compromised though legitimate website that had been outfitted with an external or iframe reference pointing to the Blackhole exploit site. Because this call is invisible, malware and exploits would be delivered silently while the user is browsing the legitimate but compromised website. The victim would not be forcibly redirected and there would be no external sign, so the user is likely to remain on the legitimate website, unaware that malware is loading in the background (International Business, 2012). To give a better understanding of this topic, this paper discusses in more detail what Blackhole exploit kits are and how they work.

In recent times, the Blackhole exploit kit has gained wide adoption, and it is one of the most common exploit frameworks used for delivery of web-based malware (Ouchn, 2012). This type of crimeware web application was developed by a Russian hacker known as HodLum to take advantage of unpatched vulnerabilities and hack computers through malicious scripts planted on legitimate but compromised websites. The first Blackhole exploit kit appeared on the market in August 2010 (Howard, 2012). Since then, there have been newer releases, as well as a free version of the kit.

The Blackhole exploit kits are based on a MySQL and PHP backend and incorporate support for exploiting the most vulnerable and widely used security flaws, with the purpose of providing hackers with the highest probability of successful exploitation (Rajaraman, 2011). Typically, these kits target the Windows operating system, as well as applications that have been installed on the Windows platform.

The most famous Blackhole exploit kit attack came in April 2011 and targeted the website of the United States Postal Service's Rapid Information Bulletin Board System (RIBBS) (Wisniewski, 2012). There are various versions of the Blackhole exploit kit, including v1.0.0, the first version, which was released in late 2010, and v1.2.2, the most recent version, which was released in February 2012 (Ouchn, 2012).

The Blackhole exploit kit is made up of a series of PHP scripts that are designed to run on a website or a web server. These scripts are protected with the commercial ionCube encoder, presumably to prevent other miscreants from stealing the code and to hinder analysis (International Business, 2012). The Blackhole exploit kit has general characteristics that enable it to deliver exploits through compromised websites. These characteristics include configuration options for the usual parameters, such as redirect URLs, file paths, query string parameters, passwords, and usernames.
