Blackhole Exploit Kit Research Paper Example | Topics and Well Written Essays - 1750 words

Blackhole Exploit Kit - Research Paper ExampleIt can deliver various malw ar depending on the operating system and geographical localisation of function of the victim or depend on the time of day or other criteria that the attacker has identified (Howard, 2012). Often, a user would visit a compromised though legitimate website that had been outfitted with an external or iframe reference that point to the Blackhole proceeding site. Because of this invisible call, malware and exploits would be delivered silently while the user is browsing on a legitimate but compromised website. The victim would not be redirected forcibly as there would be no external sign and the user is likely to cover on the legitimate website and it is likely that he or she would be unaware that malware is loading in the background (International Business, 2012). In order to have a come apart understanding of this topic, this paper will discuss in more details what Blackhole exploit kits are and how they work. In recent times, the Blackhole exploit kit has gained wide bridal and it is one of the approximately common exploit frameworks that are used for delivery of web-based malware (Ouchn, 2012). This type of crimeware Web application was developed by a Russian cyberpunk known as HodLum to take advantage of exploits that are unpatched to hack computers through malicious scripts that are planted on legitimate but compromised websites. The first Blackhole exploit kit appeared in the market in August 2010 (Howard, 2012). Since then, there have been newer releases, as well as a free version of the kit. The Blackhole exploit kits are based on a MySQL and PHP backend and incorporate support for exploiting the most vulnerable and widely used security flaws with the purpose of providing hackers with the highest successful exploitation probability (Rajaraman, 2011). Typically, these kits orient the Windows operating system version, as well as applications that have been installed on Windows pl atform. The most famous Blackhole exploit kit attack was in April 2011 that targeted the website of the United States postal services Rapid Information Bulletin Board System (RIBBS) (Wisniewski, 2012). There are various versions of the Blackhole exploit kit including v1.2.2, which was released in February of the year 2012, and it is the most recent version and v1.0.0 version, which was released in late 2010 and was the first version (Ouchn, 2012). The Blackhole exploit kit is made up of various PHP scripts series that are designed to remain on a website or a web server. These scripts are protected using the commercial ionCube encoder presumably to prevent other miscreants against stealing their code and therefrom hindering analysis (International Business, 2012). The Blackhole exploit kit has general characteristics that enable them to deliver exploits through compromised websites. These characteristics include configuration options for the usual parameters such as redirect URLs, send paths, query string parameters, passwords, and usernames.