14 DAY TRIAL // FAfter the public release of the ZeuS source code a couple of weeks ago, another expensive piece of crimeware, the BlackHole exploit kit, is now available for free.
The package was uploaded to free file sharing sites and the download link was posted on a website called The Hacker News.
The BlackHole exploit kit is relatively new, first appearing in September 2010, and is commonly used in drive-by download attacks at this moment.
A one-year BlackHole license costs around $1,500, a semi-annual one $1,000 and a quarterly one, $700. Another option is to rent it for 24 hours ($50), one week ($200), two weeks ($300), three weeks ($400) or four weeks ($500).
One of the BlackHole features most appreciated by cyber crooks is its sophisticated traffic direction script (TDS) which supports very complex rules.
TDS systems are used to direct users to certain payloads based on criteria that include operating system, browser version, country of origin, referrer website, and even current time.
The availability of BlackHole will not make paying customers very happy. Even though their licenses include free upgrades and support, they doen't necessarily justify $1,500 when others have access to the same package for free.
Just as in the case of the ZeuS source code leak, this release is also bad news for Internet users, because it can have dangerous consequences.
One is that, since anyone can download it, the number of BlackHole attacks will increase. Fortunately, setting up the entire infrastructure needed to pull off very successful attacks are above the abilities of the average cyber crook.
The second consequence is that those knowledgeable enough can modify it to suit their particular needs, therefore creating tens of customized variants.
As with any drive-by download attack, the best protection against BlackHole attacks is to keep software up to date and to use an antivirus engine with good heuristic detection.