There must be something in the stars. Just recently, the FBI nabbed Ross Ulbricht, the founder of the dark web ‘drugs ‘n’ guns’ Silk Road web site, when he was hunched over a computer in a San Francisco library.

And then just a few days back the Russian police said they had arrested ‘Paunch’, the author of some particularly effective malware kits known as Blackhole and Cool. These kits were sold to criminals who used them to infect computers and steal personal information.

The taking down of the notorious black market Silk Road was a coup for the FBI. It claimed that clever digital sleuthing nailed Ulbricht after they traced him to an email address. However, it has just emerged that he was actually brought down by some informants who themselves had been arrested earlier this year.

The demise of Paunch, though, was particularly significant for ordinary computer users who need to protect their identity and computers from malware. His Blackhole malware kit had gained almost legendary status in the criminal underworld.

Professional malware updates and identity thefts

It was extremely popular because it was managed effectively and ‘professionally.’ When a software vulnerability is discovered it can take months for a company to fix it. However, when an exploit was discovered, its details would be added to Blackhole within a week. Paunch provided a stream of regular updates to his malware kits. This gave cybercriminals an edge in that they could use the exploit against unprotected computers.

As soon as news spread that Paunch and his partners had been arrested, the malware apparently began to suffer. Blackhole, typically updated once or twice a day, wasn’t updated for four days. What’s more, the service used to encrypt the Blackhole kit went offline almost as soon as the first tweet about Paunch’s arrest hit Twitter.

The king is dead, long live the king

Given that Paunch has been taken out of circulation and Blackhole is not being updated like it was before, it’s reasonable to assume that someone else will step in to fill the void.

Much of today’s malware is largely dependent upon crimeware kits, and there’s a vast underground market out there that snaps this stuff up. It’s a hugely lucrative business: malware kits can be sold for around $3,000 each and more.

This malware is designed to bypass traditional security solutions by exploiting new vulnerabilities. It will detect and exploit vulnerabilities in applications installed on computers and, if successful, can compromise the security of all data on any PC that is infected. It makes hacking easy. In fact, these types of malware kits are largely responsible for the huge growth in malicious web links over the past year.

Identity theft protection software

People with minimal technical skills can simply point and click and create software that will take over computers. Thankfully, there are ways to protect your computer and your personal information.

The behavioural detection engine in BullGuard Internet Security is designed specifically to detect the types of attacks launched by malware such as Blackhole, sometimes known as zero-day exploits. It’s an effective defence against these exploit kits and offers good identity protection, which is what the villains are after.

We’ll be posting more blogs on malware crime kits and other methods hackers use to attack systems soon.

Posted by Steve Bell 


Steve has a background in IT and business journalism and in the past has written extensively for both the UK national and trade press including The Guardian, Independent-on-Sunday, The Times, The Register, MicroScope and Computer Weekly. He's also worked for most of the world's largest IT companies in a copy and content producing capacity. He has a particular focus on IT security and has been involved in writing about the industry at various levels ranging from magazine launches to producing newsletters. He also runs a small copy writing business called Art of Words. When not bashing away at a keyboard he can sometimes be found in a boxing gym making futile efforts to keep fit or marveling at the works of Sufi poets such as Jalaluddin Rumi and Hafiz of Shiraz.

