Tag Archives: black hole

Another Clever Drive-By

Posted on February 23, 2013 by darryl

This is yet another drive-by that was challenging to find. It delivered payloads from two different exploit packs making it very cruel too. Below is the infected webpage. I kept visiting this page, scrolling up and down, and nothing happened … Continue reading

Posted in Exploit Packs, Malscript | Tagged , , , | 166 Comments

Exploit Packs and the Secret Decoder Ring

Posted on November 17, 2012 by darryl

If you’ve ever analyzed an exploit pack, you will often see a string of strange characters as parameters to a Java applet. You might have even noticed a certain pattern suggesting that this isn’t random characters. Here’s what I’m talking … Continue reading

Posted in Exploit Packs, Tools | Tagged , , , , | Leave a comment

Elaborate Black Hole Infection

Posted on October 22, 2011 by darryl

I normally come across straight-forward drive-by downloads. Due to some website compromise, a web page is modified to include a link to a malicious website (e.g. iframe or external Javascript file) that infects unsuspecting visitors. In this case, the infection … Continue reading

Posted in Malscript | Tagged , , | Leave a comment

UPS Scam Email Links to Black Hole

Posted on April 23, 2011 by darryl

Here we see a fake UPS email suggesting that a package has arrived. Recipients of this scam email may be inclined to click on one or both of the links. The first link does take you to ups.com. The second … Continue reading

Posted in Exploit Packs, Malscript | Tagged , , | 4 Comments