BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Hackers move to create next Blackhole after 'Paunch' arrest

From: Lee J <lee () riskbasedsecurity com>
Date: Thu, 10 Oct 2013 09:15:39 +1100
http://www.networkworld.com/news/2013/100813-hackers-move-to-create-next-274644.html?source=nww_rss

Computerworld - Security researchers Tuesday said reports of the arrest of
the hacker<http://www.computerworld.com/s/article/9243061/Blackhole_exploit_kit_author_arrested_in_Russia>behind
Blackhole, one of the most widely used exploit kits on the Internet, is
good news for IT operations and users. But it shouldn't be long before
another hacker takes his place.

"[It's] is a big deal," said Mikko Hypponen, chief research officer at
security firm F-Secure. "According to our statistics, Paunch has been the
biggest provider of exploit packs for the past two years."

Blackhole and the Cool Exploit Kit, both from Paunch, have fueled an
underground economy in recent years, Hypponen said. "Now that Paunch is off
the market, we're probably going to see a fight on who will take his place."

Graham Cluley, an independent security research called the arrest "a coup
for cybercrime-fighting authorities. [It] disrupts the development of one
of the most notorious exploit kits the web has ever seen," he said.

That said, Cluley predicts that it's only a matter of time before another
powerful exploit takes its place, he noted.

Several other exploit kits, including the Whitehole Exploit Kit, Sweet
Orange Exploit Kit and the Redkit Exploit kit, are already been jostling
for the attention of top hackers in the cyber underground.

"Nature abhors a vacuum," Cluely noted. "Other online criminals are waiting
to take [the] place" of Blackhole.

[...]

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

# OWASP http://www.appsecusa.org
# Builders, Breakers and Defenders
# Time Square, NYC 20-21 Nov
o()xxxx[{::::::::::::::::::::::::::::::::::::::::>

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security offers security intelligence, risk management services and customized security solutions. The 
YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk 
mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.
Previous By Date Next
Previous By Thread Next

Current thread: