BlackOS software package automates website hacking, costs $3,800 a year

The malicious package is being sold on underground markets for $3,800 a year.

An updated version of a malicious software package designed to automate the process of hacking websites is being offered up on underground markets for $3,800 a year, according to a blog by Trend Micro.

In a Thursday email correspondence, Christopher Budd, threat communications manager for Trend Micro, told SCMagazine.com that the software – known as BlackOS – can manage hacked sites that redirect end-users to websites serving malware.

The redirection is carried out by injecting malicious IFrames into websites, Budd said, adding this can be done using one of several features available in BlackOS.

“[It] can also manage large lists of FTP credentials and [can] check each of the accounts' credentials for validity, as well as [verify] each malicious website URL against AV vendors to see if anyone blocks the website,” Budd said.

One of the things that makes BlackOS particularly useful for miscreants is that it scans a large range of IPs for exploitable vulnerabilities, Budd said, explaining that the attackers are not dialing in on specific targets.

“They do a mass attack, there are no specific targets as these websites are just a launch pad to perform their malicious attacks,” Budd said. “They are usually looking for an easy access, once they are inside they will try to level up the privileges to gain root access on the machine and therefore be able to [make] use of the BlackOS features, which is [to] inject malicious IFrames in all web pages.”

The posts advertising BlackOS in underground forums are written in Russian, according to the Trend Micro blog, which explains that the software costs $3,800 a year, or $100 a month for a budgeted version with basic configurations.

The BlackOS software is an updated version of the “Tale of the North” software, according to the blog.
