Whitehole exploit kit in the spotlight
Posted on 07.02.2013
The effectiveness of exploit kits has made them malware peddlers' preferred way of distributing their malicious wares. The Blackhole exploit kit is, by far, the most most used one, and has pretty much cornered the market at the moment, but there are other kits out there looking to challenge its supremacy.

Among them is a new exploit kit that has been dubbed "Whitehole" by researchers for the simple reason of differentiating it from Blackhole.

Whitehole employs exploits for five Java Runtime Environment vulnerabilities, and among them is also the recently patched zero-day (CVE-2013-0422) that has ben wreaking havoc last month, and exploits for which have been added both to the Blackhole and Cool exploit kit.

"Whitehole Exploit Kit is purportedly under development and runs in 'test-release' mode," shared Trend Micro threat response engineer Jonh Chua. "However, the people behind this kit are already peddling the kit and even command a fee ranging from USD 200 to USD 1800."

The ability to evade antimalware detections, to prevent Google Safe Browsing from blocking it, and to load as much as 20 files at once will likely make it easy for Whitehole to secure a considerable slice of the market for itself. The smaller price when compared to Blackhole is also worth mentioning.

The kit is currently employed in several campaigns to deliver the ZeroAccess backdoor and downloader Trojan and ransomware.


The role of the cloud in the modern security architecture

Posted on 31 July 2014.  |  Stephen Pao, General Manager, Security Business at Barracuda Networks, offers advice to CISOs concerned about moving the secure storage of their documents into the cloud and discusses how the cloud shaping the modern security architecture.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Fri, Aug 1st