Popular Attack Toolkit BlackHole Substituted with Magnitude
According to the Counter Threat Unit (CTU) of Dell SecureWorks, following news that the developer of the BlackHole attack toolkit, a hacker nicknamed "Paunch", had been arrested, a Cutwail bot-controller group that distributed bank information-stealing Trojans recently abandoned the popular toolkit and replaced it with Magnitude (earlier called Popads), another attack toolkit the security industry has identified. Infosecurity-magazine.com reported this on October 21, 2013.
Although less well known and less widely used, Magnitude performs the same tasks that BlackHole did. The Cutwail botnet's Magnitude variant prompts the end-user to click in order to download a browser update; instead, the end-user unwittingly downloads malware.
At the same time, a malicious iFrame redirects the web browser to Magnitude. Researchers at Dell SecureWorks' CTU noted that the attack toolkit installed the ZeroAccess Trojan on computers that had any of the vulnerabilities it abused.
Once downloaded, and if it can establish communication with its command-and-control server, the malware that Dell examined brings in Zbot/ZeuS so that account credentials can be captured through form grabbing and man-in-the-browser-style keylogging.
According to the security company, cyber-crooks adapt quickly to keep their operations running. Combining exploit kits with social engineering helps them run an effective campaign and infect the largest possible number of victims. Crn.com published this on October 21, 2013.
Richard Henderson, Security Strategist at FortiGuard Labs, stated that BlackHole operations no longer existed. However, it was certain that other toolkits would take its place, although when that would happen was difficult to predict. Essentially, whenever a hacker got caught there was always another who considered himself skilled enough to evade arrest while trying to generate huge revenues, Henderson added. Securityweek.com published this on October 21, 2013.
Meanwhile, Chester Wisniewski, Senior Security Advisor at Sophos, says that newer attack toolkits have in fact already started to take its place. The two most commonly found at present are Neutrino and Glazunov, although it cannot be said for certain which one has earned the most since BlackHole's disappearance, according to the security advisor. Securityweek.com published this.
» SPAMfighter News - 26-10-2013