Hackers about hacking techniques in our IT Security Magazine

ACH BlackHole exploit kit back in circulation

After a short pause, the failed/cancelled ACH transaction spam is hitting inboxes again. 200,000 of these types of emails had been intercepted by yesterday. The 7-digit number in the subject line changes randomly from email to email, but the embedded link is always the same, say security researchers.

If a user clicks on the email they will be taken through a number of redirections to a malicious web page hosting the ‘BlackHole’ exploit kit which will aim to deliver the Zbot payload. Zbot steals confidential information and opens a back door port to the infected system. VirusTotal reports that 29 from 43 AV solutions currently detection and remediate the malicious files. Update 09/28/11 – the web page hosting the malicious payload has been taken down.

September 29, 2011

0 Responses on ACH BlackHole exploit kit back in circulation"

Add Comment Register



Leave a Message

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>