Cyber crooks have made their attacks stealthier with the launch of a aggressive exploit kit Cool exploit kit to generate malicious code on legitimate websites. Cool can exploit multiple un-patched vulnerabilities in the user’s browsers, browser plug-ins, software applications or operating systems. Exploit kits are still making rounds, nothing new
there.A new kid has been dubbed as Cool Exploit Kit.
Lately, we're seeing that Blackhole updated to the latest PluginDetect version 0.7.9, which has already been used by Cool.It seems that Blackhole is also now exploiting the Java vulnerability,another vulnerability being exploited by Cool. In addition to this, Blackhole is once again serving Flash exploits like it did in version 1,of course, Cool wouldn't want to be left behind as it performs similar checks to the same plugins and exploits the same vulnerabilities.
It may be just us, but the version checks by the two kits are very much alike. And when we checked out Cool’s Flash exploits, we notice that it uses the same Flash filenames as seen from Blackhole version 1, which happen to exploit the same Flash vulnerabilities,although other functions are pretty much similar as well.
Lately, we're seeing that Blackhole updated to the latest PluginDetect version 0.7.9, which has already been used by Cool.It seems that Blackhole is also now exploiting the Java vulnerability,another vulnerability being exploited by Cool. In addition to this, Blackhole is once again serving Flash exploits like it did in version 1,of course, Cool wouldn't want to be left behind as it performs similar checks to the same plugins and exploits the same vulnerabilities.
It may be just us, but the version checks by the two kits are very much alike. And when we checked out Cool’s Flash exploits, we notice that it uses the same Flash filenames as seen from Blackhole version 1, which happen to exploit the same Flash vulnerabilities,although other functions are pretty much similar as well.
With all these “differences”,
it appears that Cool and Blackhole are more than just a tiny bit
related. And it wasn't only us that noticed that, @kafeine mentioned in his post that there's a high chance that both kits have the same author.
Post a Comment
I'm certainly not an expert, but I'll try my hardest to explain what I do know and research what I don't know. Be sure to check back again , after moderation i do make every effort to reply to your comments .