There must be something in the stars. Just recently, the FBI nabbed Ross Ulbricht, the founder of the dark web ‘drugs ‘n’ guns’ Silk Road web site, when he was hunched over a computer in a San Francisco library.
And then just a few days back the Russian police said they had arrested ‘Paunch’, the author of some particularly effective malware kits known as Blackhole and Cool. These kits were sold to criminals who used them to infect computers and steal personal information.
The taking down of the notorious black market Silk Road was a coup for the FBI. It claimed that clever digital sleuthing nailed Ulbricht after it traced him to an email address. However, it has just emerged that he was actually brought down by some informants who themselves had been arrested earlier this year.
The demise of Paunch, though, was particularly significant for ordinary computer users who need to protect their identity and computers from malware. His Blackhole malware kit had gained almost legendary status among the criminal underworld.
Professional malware updates and identity thefts
It was extremely popular because it was managed effectively and ‘professionally.’ When a software vulnerability, or exploit, is discovered it can take months for a company to fix it. However, when an exploit was discovered, the details would be added to Blackhole within a week. Paunch provided a stream of regular updates to his malware kits. This gave cybercriminals an edge in that they could use the exploit against unprotected computers.
As soon as news spread that Paunch and his partners had been arrested, the malware apparently began to suffer. Blackhole, typically updated once or twice a day, wasn't updated for four days. What's more, the service used to encrypt the Blackhole kit went offline almost as soon as the first tweet about Paunch’s arrest hit Twitter.
The king is dead, long live the king
Given that Paunch has been taken out of circulation and Blackhole is not being updated like it was before, it’s reasonable to assume that someone else will step in to fill the void.
Much of today’s malware is largely dependent upon crimeware kits and there’s a vast underground market out there that snaps this stuff up. It’s a hugely lucrative business: malware kits can be sold for around $3,000 each and more.
This malware is designed to bypass traditional security solutions by exploiting new vulnerabilities. It will detect and exploit vulnerabilities in applications installed on computers and, if successful, can compromise the security of all data on any PC that is infected. It makes hacking easy. In fact, these types of malware kits are largely responsible for the huge growth in malicious web links over the past year.
Identity theft protection software
People with minimal technical skills can simply point and click and create software that will take over computers. Thankfully, there are ways to protect your computer and your personal information.
The behavioural detection engine in BullGuard Internet Security is designed specifically to detect the types of attacks launched by malware such as Blackhole, sometimes known as zero-day exploits. It’s an effective defence against these exploit kits and offers good identity protection, which is what the villains are after.
We’ll be posting more blogs on malware crime kits and other methods hackers use to attack systems soon.
Posted by Steve Bell