The Blackhole Exploit kit was good, so good in fact that criminals are having trouble finding anything with the capabilities to take its place, security firm Websense has noticed.
According to the firm's monitoring, phishing campaigns sent via the important Cutwail bot that once made extensive use of the kit have been forced to experiment with a mixture of conventional Zip attachment spam and an alternative exploit kit, Magnitude.
The change happened in October, within days of the arrest of Blackhole's Russian creator, dubbed "Paunch." Since then, the gangs have been forced to chop and change new attack strategies, achieving mixed levels of success, Websense said.
It turns out that attachment spam is still effective when it gets past filters as are old-style phishing attacks using traditional lures such as "work at home" and dieting. Often tactics are what distinguishes one gang form another on Cutwail, for instance the prominent "Zeus GameOver" operation that specialises in collecting bank logins.
To read this article in full or to leave a comment, please click here
ConversionConversion EmoticonEmoticon