The main feature of the new tool is that it is not detected by most antivirus programs.
According to Trend Micro, an antivirus company experts have found a new set of exploits that can avoid detection by anti-virus solutions, as well as blocking of the service Google Safe Browsing.
The experts also noted that the functional Whitehole quite similar to the more popular set of exploits Blackhole, but unlike the latter, he does not use JavaScript, to hide the use plugindetect.js.
However, according to researchers, is currently set works in "test" mode and is constantly updated. However, Whitehole already available on underground hacker forums in price from $ 200 to $ 1800.
Malicious programs contained in Whitehole, able to connect to certain web-sites in order to send and receive data, and to suspend some processes. In addition, it downloads other malicious files to the infected system.
Full report Trend Micro can be found here.
No comments:
Post a Comment