Is the Blackhole exploit kit finished?

SophosLabsmalware

Blackhole malware crimekit arrestWhen news broke in October that the criminals behind the notorious Blackhole exploit kit had been arrested in Russia, our threat experts were understandably excited. But more importantly, SophosLabs went to work to understand this development and figure out what it means for cybercrime and IT security at large.

As SophosLabs researcher Fraser Howard reported yesterday in his post at Naked Security, Blackhole had already been declining in prevalence prior to the arrests. So does this mean the end of Blackhole? And how will this news change the threat landscape overall?

According to Fraser, “assuming that the players behind Blackhole have indeed been removed from the game, it is possible that the apparent decline we have seen in the past week will continue.”

That might mean Blackhole is headed toward the exit. Unfortunately, Fraser explains, that doesn’t necessarily mean cybercriminals will take a hit or that threats will decrease overall. As Blackhole declines, other crimeware kits will rise to take its place. Read more of Fraser’s take on these developments here: Assessing the impact of the Blackhole arrests.

Want to know more about Blackhole?

For a deep dive into how Blackhole works and how it evolved, we recommend checking out our technical papers: Inside a Black Hole and Inside a Black Hole Part 2. We also covered Blackhole extensively in our whitepaper Malware B-Z: Inside the Threat From Blackhole to ZeroAccess.

SophosLabs is on the Case

Our SophosLabs researchers track millions of pieces of malware, in real time. It’s what we do. Learn more about how we keep you secure from threats like Blackhole and everything that comes next.

2 Comments

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s