Tuesday, January 16, 2018
Home / Malware / Blackhole dominates web malware attacks

Blackhole dominates web malware attacks

According to a recent security article from Sophos, “drive-by” download attempts now comprise more than half of malware assaults on Web users. And the most seen drive-by exploit accounts for 31 percent of the internet attacks discovered by the company’s security package in the last half of 2011—a bundle called Blackhole.

Blackhole constitutes an exploit kit accustomed to inject malware, adware and spyware into PCs that visit an exploit internet site, or are redirected to such a site from a different, compromised website. The kit’s developers endlessly update Blackhole’s exploit capabilities, which revolve around Java vulnerabilities, but Sophos alleges that a lot of computers continue to have older exposures because of haphazard Java patch installment. Hackers commonly apply the exploit kit to drop malware specified botnets assembled with the Zeus toolkit, rootkits, or false antivirus bundles that pressure users to pay for deceitful malware protection.


Amongst the additional security statistics in Sophos’s article:


  • The US tops the world in sources of spam e-mails, accounting for 11.43 percent of 2011’s detected traffic. India was the closest runner-up, at 8 percent.
  • The riskiest place to run a computer network in the world is Chile, measured by the percentage of computers experiencing a malware attack over a three month period, scoring a threat exposure rate (TER) of 61, nearly ten times the rate of attacks on systems in the US. China came in second with a TER of 45. The country with the safest network: Luxembourg.
  • Conficker, the Windows worm also known as Downup and Kido, is still the most commonly detected malware in the world over three years after its first detection. The worm, which spreads over network connections, thumb drives, and other removable media, accounted for nearly 15 percent of all infection attempts caught by Sophos in the last six months.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Megaupload plan to return after 5 years

The huge file-sharing website, Megaupload is scheduled to relaunch, five years after being raided and …

  • Framinghams

    Hallo,ich brauche nenigrdd Hilfe von Jemandem, der einen Plan davon hat. Denn genau oben beschriebenes Problem habe ich seit gestern. Dabei habe ich NIE irgendwelche Internet Security runtergeladen. Wie kann sich dieser Internet Security auf meinem PC installieren?Was kann ich tun wenn ich keinen anderen PC besitze? Gibt es da noch eine Mf6glichkeit?Diese Beschreibung habe ich leider nicht verstanden: ” Starten Sie Ihren Computer normal. Warten Sie darauf, dass XP Internet Security 2011 startet und lassen Sie exeregfix.reg laufen. Dadurch sollte es mf6glich sein, serif6se Programme zu f6ffnen. ” Wenn ich meinen PC starte, f6ffnet sich automatisch dieser XP Internet Security 2011 und fe4ngt an zu scannen. Ich hab dann die Mf6glichkeit auf Stop zu klicken. Was muss ich an der Stelle tun?Es we4re wirklcih sehr schf6n wenn ihr mit helfen kf6nntet.Freundliche Grfcdfe zu NachtC.