Blackhole exploit kit v2.0: Good news for Cyber Criminals, bad news for AV


Paunch, the developer of the BlackHole Exploit kit, has announced the new version 2.0 of the kit. The new version is claimed to have more features that make this kit the best in the market.

As far as we know, BlackHole is the most successful exploit kit. It includes a collection of exploits that take advantage of vulnerabilities in the victim's machine to download malware. There are plenty of other kits, but BH is number one in the market because of its tremendous features.
The developer claimed that AV companies detect the old version very quickly. So, for their customers, they have rewritten the code of this exploit kit from scratch.

The latest version generates a dynamic URL, which is valid for a few seconds. So malware analysts can't analyze the malware page even when victims give the URL details. It also protects the malware files from being downloaded multiple times.

"JAR and PDF exploits show only for detected vulnerable versions of plug-ins; if the plug is not vulnerable, exploits are not issued, and do not get in the detection loop," says the developer's ad, as translated by Malware don't need coffee.

"In version 1.* the link to the malicious payload unfortunately was recognizable for AV companies and reversers; it looked like this: /Main.php?Varname=lgjlrewgjlrwbnvl2. In the new version you can choose the link to the malicious payload yourself; here are some examples: /news/index.php, /contacts.php and so on. Now, for the moment, no AV can catch it. And by default, stream names when creating the flow are created automatically from the dictionary, with actual words and not random letters."

There is no change in the price.

The new features sound great for cyber criminals but not for malware analysts.
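The following is an added illustration, not code from the original post or from the kit's advertisement. It shows why the v1-style link shape quoted in the advertisement was easy to match in proxy logs, and why the same URL rule misses paths such as /news/index.php. The sample hosts, function names and the vowel-ratio threshold are assumptions made up for this example.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed proxy-log URLs (not real indicators). The first follows the
# v1-style shape quoted in the ad; the next two use the v2-style paths it lists.
SAMPLE_URLS = [
    "http://host-a.example/Main.php?Varname=lgjlrewgjlrwbnvl2",
    "http://host-b.example/news/index.php",
    "http://host-c.example/contacts.php",
    "http://host-d.example/main.php?page=about",  # benign look-alike
]

TOKEN_RE = re.compile(r"[a-z0-9]{12,}")
VOWELS = set("aeiou")


def looks_random(token: str) -> bool:
    """Long lowercase/digit token with very few vowels, i.e. not a word."""
    if not TOKEN_RE.fullmatch(token):
        return False
    letters = [c for c in token if c.isalpha()]
    if not letters:
        return True  # all digits: still not a dictionary word
    # Assumed threshold: ordinary words have far more than 20% vowels.
    return sum(c in VOWELS for c in letters) / len(letters) < 0.2


def matches_v1_shape(url: str) -> bool:
    """True if url is main.php with exactly one random-looking parameter."""
    parts = urlsplit(url)
    if not parts.path.lower().endswith("/main.php"):
        return False
    params = parse_qsl(parts.query, keep_blank_values=True)
    return len(params) == 1 and looks_random(params[0][1])


def triage(urls):
    """Return {url: matched} for each URL in urls."""
    return {u: matches_v1_shape(u) for u in urls}


if __name__ == "__main__":
    for url, hit in triage(SAMPLE_URLS).items():
        print(("MATCH " if hit else "miss  ") + url)
```

Only the first sample matches. The dictionary-word paths pass untouched, so a URL-shape rule alone is not sufficient against the behaviour the advertisement describes.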