Blackhole Exploit Kit Research Paper Example | Topics and Well Written Essays - 1750 words

Blackhole Exploit Kit - Research Paper ExampleIt can deliver various(a) malw are depending on the operating system and geographical location of the victim or depend on the clock of day or other criteria that the attacker has identified (Howard, 2012). Often, a user would visit a compromised though legitimate networksite that had been outfitted with an external or iframe reference that point to the Blackhole play site. Because of this invisible call, malware and actions would be delivered taciturnly while the user is browsing on a legitimate but compromised website. The victim would not be redirected forcibly as there would be no external sign and the user is likely to reside on the legitimate website and it is likely that he or she would be unaware that malware is loading in the solid ground (International Business, 2012). In order to have a better understanding of this topic, this paper will discuss in more details what Blackhole exploit kits are and how they work. In recent t imes, the Blackhole exploit kit has gained wide credence and it is one of the about common exploit frameworks that are used for delivery of web-based malware (Ouchn, 2012). This type of crimeware Web operation was developed by a Russian hacker known as HodLum to take advantage of exploits that are unpatched to hack computers through malicious scripts that are planted on legitimate but compromised websites. The first Blackhole exploit kit appeared in the market in August 2010 (Howard, 2012). Since then, there have been newer releases, as well as a free version of the kit. The Blackhole exploit kits are based on a MySQL and PHP backend and incorporate have got for exploiting the most vulnerable and widely used security flaws with the purpose of providing hackers with the highest successful exploitation probability (Rajaraman, 2011). Typically, these kits mark the Windows operating system version, as well as applications that have been installed on Windows platform. The most famou s Blackhole exploit kit attack was in April 2011 that targeted the website of the United States Postal services Rapid Information bulletin Board System (RIBBS) (Wisniewski, 2012). There are various versions of the Blackhole exploit kit including v1.2.2, which was released in February of the year 2012, and it is the most recent version and v1.0.0 version, which was released in late 2010 and was the first version (Ouchn, 2012). The Blackhole exploit kit is made up of various PHP scripts series that are designed to run on a website or a web server. These scripts are protected using the commercial ionCube encoder presumably to prevent other miscreants against stealing their code and so hindering analysis (International Business, 2012). The Blackhole exploit kit has general characteristics that enable them to deliver exploits through compromised websites. These characteristics include material body options for the usual parameters such as redirect URLs, file paths, query string paramet ers, passwords, and usernames.