Blackhole Author Arrested: 10 Facts About The Automated Attack Toolkit

Blackhole Targets Website Vulnerabilities

Toolkit owners set up an attack platform by targeting vulnerable websites. SQL injection and cross-site scripting errors are the most common Web application vulnerabilities. The Blackhole toolkit uses malicious JavaScript to load an iFrame within the HTML on a page and silently scan's visitors' systems for flaws that can be easily exploited. A flaw that is detected automatically triggers the exploit, dropping a malware loader onto the victim's machine.

Get a roundup of CRN's security coverage right to your inbox with the Security Advisor newsletter.