Journey to the bottom of a black hole presented at Hacktivity 2012

by Gbor Szappanos,

Tags: Security

Summary : Web-based attacks are the number one threats nowadays. In most of these cases the infiltration to the victims are not achieved by custom-made individual solutions rather by emplying one of the ready-to-use exploit kits that are easily available t buy or for rent. The most actively deployed exploit kit over the last year was Blackhole, which utilized a number of different vulneratilities (PDF, Java, SWF, HTML) to infect the victim systems then serve as a C&C server for the infected computers.
The presentation explains in detail the typical infection scheme using real-life incidents observed recently, then describes the underlying Blackhole backend architecture.