{"id":10829,"date":"2011-12-01T21:15:30","date_gmt":"2011-12-02T02:15:30","guid":{"rendered":"http:\/\/rbachnet.wwwmi3-ss40.a2hosted.com\/?p=10829"},"modified":"2021-08-08T19:52:55","modified_gmt":"2021-08-08T23:52:55","slug":"blackhole-malware","status":"publish","type":"post","link":"https:\/\/rbach.net\/index.php\/blackhole-malware\/","title":{"rendered":"Blackhole Malware"},"content":{"rendered":"<p><em><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-11564\" style=\"border: 0pt none; margin-left: 3px; margin-right: 3px;\" title=\"Blackhole Malware\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/2011\/10\/malware2.jpg?resize=90%2C90&#038;ssl=1\" alt=\"Blackhole Malware\" width=\"90\" height=\"90\" \/> <\/em><a title=\"www.darkreading.com\" href=\"https:\/\/www.darkreading.com\/\" target=\"_blank\" rel=\"noopener noreferrer\"><em>Dark Reading<\/em><\/a> <a title=\"www.darkreading.com\" href=\"https:\/\/web.archive.org\/web\/20120503002031\/http:\/\/www.darkreading.com:80\/advanced-threats\/167901091\/security\/attacks-breaches\/231900780\/blackhole-crimeware-goes-prime-time.html\" target=\"_blank\" rel=\"noopener noreferrer\">reports<\/a> that attackers are increasingly using the <a title=\"research.zscaler.com\" href=\"http:\/\/research.zscaler.com\/2011\/02\/blackhole-exploits-kit-attack-growing.html\" target=\"_blank\" rel=\"noopener noreferrer\">Blackhole exploit kit<\/a> in <a title=\"www.microsoft.com\" href=\"https:\/\/web.archive.org\/web\/20160219214154\/http:\/\/www.microsoft.com\/security\/online-privacy\/phishing-symptoms.aspx\" target=\"_blank\" rel=\"noopener noreferrer\">phishing campaigns<\/a>. The latest phishing scam poses as an email notification from an\u00a0<a title=\"HP\" href=\"http:\/\/www.hp.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">HP<\/a> (<a title=\"NYSE : HPQ\" href=\"https:\/\/www.nyse.com\/quote\/XNYS:HPQ\" target=\"_blank\" rel=\"noopener noreferrer\">HPQ<\/a>) <a title=\"www.hp.com\" href=\"https:\/\/web.archive.org\/web\/20141002053638\/http:\/\/www.hp.com:80\/products1\/inkjetprinter\/officejet.html\" target=\"_blank\" rel=\"noopener noreferrer\">OfficeJet Printer<\/a> that has sent around 36,000 per minute resulting in nearly 8 million emails thus far and uses 2,000 domains to serve up the <a class=\"zem_slink\" title=\"Malware\" href=\"http:\/\/en.wikipedia.org\/wiki\/Malware\" target=\"_blank\" rel=\"noopener wikipedia noreferrer\">malware<\/a>.<\/p>\n<p><a title=\"Botnet\" href=\"http:\/\/arstechnica.com\/tech-policy\/news\/2011\/11\/how-the-most-massive-botnet-scam-ever-made-millions-for-estonian-hackers.ars\" target=\"_blank\" rel=\"noopener noreferrer\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignright wp-image-11566\" style=\"border: 0pt none; margin-left: 3px; margin-right: 3px;\" title=\"botnet\" src=\"https:\/\/i0.wp.com\/rbachnet.wwwmi3-ss40.a2hosted.com\/wp-content\/uploads\/2011\/10\/botnet1-150x112.jpg?resize=81%2C60\" alt=\"Botnet\" width=\"81\" height=\"60\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/2011\/10\/botnet1.jpg?resize=150%2C112&amp;ssl=1 150w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/2011\/10\/botnet1.jpg?resize=300%2C224&amp;ssl=1 300w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/2011\/10\/botnet1.jpg?w=333&amp;ssl=1 333w\" sizes=\"auto, (max-width: 81px) 100vw, 81px\" \/><\/a>Researchers at <a title=\"www,appriver.com\" href=\"http:\/\/www.appriver.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">AppRiver<\/a> told <em>Dark Reading<\/em> the trend demonstrates how Blackhole is following the pattern of popular <a class=\"zem_slink\" title=\"Crimeware\" href=\"http:\/\/en.wikipedia.org\/wiki\/Crimeware\" target=\"_blank\" rel=\"noopener wikipedia noreferrer\">malware<\/a> kits <a title=\"searchsecurity.techtarget.com\" href=\"http:\/\/searchsecurity.techtarget.com\/definition\/Zeus-Trojan-Zbot\" target=\"_blank\" rel=\"noopener noreferrer\">Zeus<\/a> and <a title=\"www.microsoft.com\" href=\"http:\/\/www.microsoft.com\/security\/portal\/threat\/Encyclopedia\/Entry.aspx?Name=Trojan%3AWin32%2FSpyeye\" target=\"_blank\" rel=\"noopener noreferrer\">SpyEye<\/a>. Blackhole traditionally has been used to infect legitimate websites for <a title=\"www.ebankingabersicher.ch\" href=\"https:\/\/www.ebankingabersicher.ch\/index.php?option=com_content&amp;view=article&amp;id=75&amp;Itemid=0&amp;lang=en\" target=\"_blank\" rel=\"noopener noreferrer\">drive-by infection<\/a> purposes. &#8220;<em>This attack is unique because Blackhole added an email vector to its format and is flooding the Internet with similar methods used by Zeus, SpyEye, and others, essentially moving it into prime time,<\/em>&#8221; says Fred Touchette, senior security analyst for AppRiver.<\/p>\n<p>Blackhole, which was previously marketed as a high-end crimeware tool, costing $1,500 for a one-year license, in May was <a title=\"www.schneier.com\" href=\"https:\/\/www.schneier.com\/blog\/archives\/2011\/05\/blackhole_explo.html\" target=\"_blank\" rel=\"noopener noreferrer\">unleashed for free<\/a> in some underground forums. That has propelled more use of the toolkit according to the AppRiver <a title=\"blogs.appriver.com\" href=\"https:\/\/web.archive.org\/web\/20120831012746\/http:\/\/blogs.appriver.com:80\/blog\/digital-degenerate\/blackhole-toolkit-rivals-zeus\" target=\"_blank\" rel=\"noopener noreferrer\">blog<\/a>.<\/p>\n<p><a href=\"https:\/\/web.archive.org\/web\/20211021194428\/https:\/\/appriver.com\/partners\" target=\"_blank\" rel=\"appriver logo noopener noreferrer\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignright\" title=\"Appriver logo\" src=\"https:\/\/i0.wp.com\/www.appriver.com\/files\/images\/misc\/AppRiver-Logo.png?resize=89%2C38&#038;ssl=1\" alt=\"Appriver logo\" width=\"89\" height=\"38\" \/><\/a>Mr. Touchette said that attackers using Blackhole have changed tactics, &#8220;<em>This is the first that I have personally noticed that leads email recipients to Blackhole websites. Before that, people using the Blackhole Kit relied on techniques such as <a title=\"www.windowsecurity.com\" href=\"https:\/\/web.archive.org\/web\/20130117021632\/http:\/\/windowsecurity.com\/articles\/SEO-Poisoning-What-it-is-what-you-can-do-about-it.html\" target=\"_blank\" rel=\"noopener noreferrer\">SEO poisoning<\/a> to lead victims to their sites,<\/em>&#8221; he says.<\/p>\n<p>The OfficeJet email campaign, like other Blackhole attacks, is trolling for victims&#8217; <a class=\"zem_slink\" title=\"Online banking\" href=\"http:\/\/en.wikipedia.org\/wiki\/Online_banking\" target=\"_blank\" rel=\"noopener wikipedia noreferrer\">online banking<\/a> credentials according to <em>Dark Reading<\/em>. It works a lot like Zeus and others, using browser vulnerabilities on victims&#8217; machines and creating a backdoor for downloading and installing the Trojans. AppRiver&#8217;s Touchette says Blackhole appears to favor <del>Sun<\/del> <a title=\"Oracle\" href=\"https:\/\/www.oracle.com\/index.html\" target=\"_blank\" rel=\"noopener noreferrer\">Oracle<\/a> (<a title=\"NASDAQ : ORCL\" href=\"https:\/\/www.tradingview.com\/symbols\/NYSE-ORCL\/\" target=\"_blank\" rel=\"noopener noreferrer\">ORCL<\/a>) Java <em>(I wrote about Java holes <a title=\"rbach.net\" href=\"https:\/\/wp.me\/p2wgaW-FW\" target=\"_blank\" rel=\"noopener\">here<\/a><\/em>) and <a title=\"Adobe\" href=\"https:\/\/www.adobe.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Adobe<\/a> (<a title=\"NASDAQ : ADBE\" href=\"https:\/\/www.tradingview.com\/symbols\/NASDAQ-ADBE\/\" target=\"_blank\" rel=\"noopener noreferrer\">ADBE<\/a>) bugs (<em>I wrote about Adobe bugs <a title=\"rbach.net\" href=\"https:\/\/wp.me\/p2wgaW-L5\" target=\"_blank\" rel=\"noopener\">here<\/a><\/em>).<\/p>\n<p><a title=\"HP\" href=\"http:\/\/www.hp.com\/\" target=\"_blank\" rel=\"noopener noreferrer\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"wp-image-11572 size-full alignright\" style=\"border: 0pt none; margin-left: 3px; margin-right: 3px;\" title=\"HP_logo\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/2011\/10\/HP_logo1.gif?resize=50%2C48&#038;ssl=1\" alt=\"HP\" width=\"50\" height=\"48\" \/><\/a>&#8220;<em>This most recent campaign is still trickling in, but will soon stall as most of its domains have been picked up and blacklisted by security professionals &#8230; we were seeing malicious emails related to this campaign coming in at a rate of around 36,000 per minute,<\/em>&#8221; Mr. Touchette says.<\/p>\n<p>Recent <a class=\"zem_slink\" title=\"Botnet\" href=\"http:\/\/en.wikipedia.org\/wiki\/Botnet\" target=\"_blank\" rel=\"noopener wikipedia noreferrer\">botnet<\/a> takedowns have spurred an increase in malware attacks recently as botnet operators try to rebuild, AppRiver&#8217;s Touchette told <em>Dark Reading.<\/em><\/p>\n<p><strong><em>rb-<\/em><\/strong><\/p>\n<p><em>Yeap- We are still seeing these trickling in and still have users reporting they can&#8217;t access their OfficeJet.<br \/>\n<\/em><\/p>\n<h6 class=\"zemanta-related-title\">Related articles<\/h6>\n<ul class=\"zemanta-article-ul\">\n<li class=\"zemanta-article-ul-li\">Positive Trend in Malware: Rootkit Developers Killing Each Other&#8217;s Code (pcworld.com)<\/li>\n<\/ul>\n<div class=\"zemanta-pixie\"><em><a title=\"Ralph Bach\" href=\"https:\/\/rbach.net\/index.php\/new-resume\/\" target=\"_blank\" rel=\"noopener noreferrer\">Ralph Bach<\/a>\u00a0has been in IT long enough to know better and has blogged from his\u00a0<a title=\"Bach Seat\" href=\"https:\/\/rbach.net\/\" target=\"_blank\" rel=\"noopener noreferrer\">Bach Seat<\/a> about IT, careers, and anything else that catches his attention since 2005. You can follow him on <a href=\"https:\/\/www.linkedin.com\/in\/rb48334\/\" target=\"_blank\" rel=\"noopener noreferrer\">LinkedIn<\/a>,\u00a0<a href=\"https:\/\/www.facebook.com\/ralph.bach.14\" target=\"_blank\" rel=\"noopener noreferrer\">Facebook<\/a>,\u00a0and\u00a0<a href=\"https:\/\/twitter.com\/rbach48334\" target=\"_blank\" rel=\"noopener noreferrer\">Twitter<\/a>. Email the Bach Seat\u00a0<a href=\"mailto:\/\/bach.seat@gmail.com\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>.<\/em><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Attackers are using the Blackhole malware exploit kit in phishing scam poses as an email notification from an HP Printer to steal user data<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[3045,864,863,866,168,904,23,836,612,865,4,867,127],"class_list":["post-10829","post","type-post","status-publish","format-standard","hentry","category-security","tag-3045","tag-appriver","tag-blackhole","tag-crimeware","tag-hp","tag-hpq","tag-malware","tag-oracle","tag-phishing","tag-search-engine-optimization","tag-security","tag-spyeye","tag-zeus"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.10 - aioseo.com -->\n\t<meta name=\"description\" content=\"Attackers are using the Blackhole malware exploit kit in phishing scam poses as an email notification from an HP Printer to steal user data\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"RB\"\/>\n\t<meta name=\"keywords\" content=\"appriver,blackhole,crimeware,malware,phishing,search engine optimization,spyeye,zeus,hp,hpq,oracle,2011,security\" \/>\n\t<link rel=\"canonical\" href=\"https:\/\/rbach.net\/index.php\/blackhole-malware\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.10\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Bach Seat | The view from where I am sitting\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"Blackhole Malware | Bach Seat\" \/>\n\t\t<meta property=\"og:description\" content=\"Attackers are using the Blackhole malware exploit kit in phishing scam poses as an email notification from an HP Printer to steal user data\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/rbach.net\/index.php\/blackhole-malware\/\" \/>\n\t\t<meta property=\"og:image\" content=\"https:\/\/rbach.net\/wp-content\/uploads\/2011\/10\/malware2.jpg\" \/>\n\t\t<meta property=\"og:image:secure_url\" content=\"https:\/\/rbach.net\/wp-content\/uploads\/2011\/10\/malware2.jpg\" \/>\n\t\t<meta property=\"og:image:width\" content=\"116\" \/>\n\t\t<meta property=\"og:image:height\" content=\"116\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2011-12-02T02:15:30+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2021-08-08T23:52:55+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ralph.bach.14\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:site\" content=\"@rbach48334\" \/>\n\t\t<meta name=\"twitter:title\" content=\"Blackhole Malware | Bach Seat\" \/>\n\t\t<meta name=\"twitter:description\" content=\"Attackers are using the Blackhole malware exploit kit in phishing scam poses as an email notification from an HP Printer to steal user data\" \/>\n\t\t<meta name=\"twitter:creator\" content=\"@rbach48334\" \/>\n\t\t<meta name=\"twitter:image\" content=\"https:\/\/rbach.net\/wp-content\/uploads\/2011\/10\/malware2.jpg\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/rbach.net\\\/index.php\\\/blackhole-malware\\\/#article\",\"name\":\"Blackhole Malware | Bach Seat\",\"headline\":\"Blackhole Malware\",\"author\":{\"@id\":\"https:\\\/\\\/rbach.net\\\/index.php\\\/author\\\/administrator\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/rbach.net\\\/#person\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/rbach.net\\\/wp-content\\\/uploads\\\/2011\\\/10\\\/malware2.jpg?fit=116%2C116&ssl=1\",\"@id\":\"https:\\\/\\\/rbach.net\\\/index.php\\\/blackhole-malware\\\/#articleImage\",\"width\":116,\"height\":116,\"caption\":\"Malware\"},\"datePublished\":\"2011-12-01T21:15:30-05:00\",\"dateModified\":\"2021-08-08T19:52:55-04:00\",\"inLanguage\":\"en-US\",\"commentCount\":2,\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/rbach.net\\\/index.php\\\/blackhole-malware\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/rbach.net\\\/index.php\\\/blackhole-malware\\\/#webpage\"},\"articleSection\":\"Security, 2011, AppRiver, Blackhole, Crimeware, HP, HPQ, Malware, Oracle, Phishing, Search engine optimization, Security, SpyEye, Zeus\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/rbach.net\\\/index.php\\\/blackhole-malware\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/rbach.net#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/rbach.net\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/rbach.net\\\/index.php\\\/category\\\/security\\\/#listItem\",\"name\":\"Security\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/rbach.net\\\/index.php\\\/category\\\/security\\\/#listItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/rbach.net\\\/index.php\\\/category\\\/security\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/rbach.net\\\/index.php\\\/blackhole-malware\\\/#listItem\",\"name\":\"Blackhole Malware\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/rbach.net#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/rbach.net\\\/index.php\\\/blackhole-malware\\\/#listItem\",\"position\":3,\"name\":\"Blackhole Malware\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/rbach.net\\\/index.php\\\/category\\\/security\\\/#listItem\",\"name\":\"Security\"}}]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/rbach.net\\\/#person\",\"name\":\"RB\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/rbach.net\\\/index.php\\\/blackhole-malware\\\/#personImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/277b077a94c848430275fca45f1992aa413a6acb98e489f0d4ea5771d8cd99f1?s=96&d=mm&r=r\",\"width\":96,\"height\":96,\"caption\":\"RB\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/rbach.net\\\/index.php\\\/author\\\/administrator\\\/#author\",\"url\":\"https:\\\/\\\/rbach.net\\\/index.php\\\/author\\\/administrator\\\/\",\"name\":\"RB\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/rbach.net\\\/index.php\\\/blackhole-malware\\\/#authorImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/277b077a94c848430275fca45f1992aa413a6acb98e489f0d4ea5771d8cd99f1?s=96&d=mm&r=r\",\"width\":96,\"height\":96,\"caption\":\"RB\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/rbach.net\\\/index.php\\\/blackhole-malware\\\/#webpage\",\"url\":\"https:\\\/\\\/rbach.net\\\/index.php\\\/blackhole-malware\\\/\",\"name\":\"Blackhole Malware | Bach Seat\",\"description\":\"Attackers are using the Blackhole malware exploit kit in phishing scam poses as an email notification from an HP Printer to steal user data\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/rbach.net\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/rbach.net\\\/index.php\\\/blackhole-malware\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/rbach.net\\\/index.php\\\/author\\\/administrator\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/rbach.net\\\/index.php\\\/author\\\/administrator\\\/#author\"},\"datePublished\":\"2011-12-01T21:15:30-05:00\",\"dateModified\":\"2021-08-08T19:52:55-04:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/rbach.net\\\/#website\",\"url\":\"https:\\\/\\\/rbach.net\\\/\",\"name\":\"Bach Seat\",\"description\":\"The view from where I am sitting\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/rbach.net\\\/#person\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"Blackhole Malware | Bach Seat","description":"Attackers are using the Blackhole malware exploit kit in phishing scam poses as an email notification from an HP Printer to steal user data","canonical_url":"https:\/\/rbach.net\/index.php\/blackhole-malware\/","robots":"max-image-preview:large","keywords":"appriver,blackhole,crimeware,malware,phishing,search engine optimization,spyeye,zeus,hp,hpq,oracle,2011,security","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/rbach.net\/index.php\/blackhole-malware\/#article","name":"Blackhole Malware | Bach Seat","headline":"Blackhole Malware","author":{"@id":"https:\/\/rbach.net\/index.php\/author\/administrator\/#author"},"publisher":{"@id":"https:\/\/rbach.net\/#person"},"image":{"@type":"ImageObject","url":"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/2011\/10\/malware2.jpg?fit=116%2C116&ssl=1","@id":"https:\/\/rbach.net\/index.php\/blackhole-malware\/#articleImage","width":116,"height":116,"caption":"Malware"},"datePublished":"2011-12-01T21:15:30-05:00","dateModified":"2021-08-08T19:52:55-04:00","inLanguage":"en-US","commentCount":2,"mainEntityOfPage":{"@id":"https:\/\/rbach.net\/index.php\/blackhole-malware\/#webpage"},"isPartOf":{"@id":"https:\/\/rbach.net\/index.php\/blackhole-malware\/#webpage"},"articleSection":"Security, 2011, AppRiver, Blackhole, Crimeware, HP, HPQ, Malware, Oracle, Phishing, Search engine optimization, Security, SpyEye, Zeus"},{"@type":"BreadcrumbList","@id":"https:\/\/rbach.net\/index.php\/blackhole-malware\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/rbach.net#listItem","position":1,"name":"Home","item":"https:\/\/rbach.net","nextItem":{"@type":"ListItem","@id":"https:\/\/rbach.net\/index.php\/category\/security\/#listItem","name":"Security"}},{"@type":"ListItem","@id":"https:\/\/rbach.net\/index.php\/category\/security\/#listItem","position":2,"name":"Security","item":"https:\/\/rbach.net\/index.php\/category\/security\/","nextItem":{"@type":"ListItem","@id":"https:\/\/rbach.net\/index.php\/blackhole-malware\/#listItem","name":"Blackhole Malware"},"previousItem":{"@type":"ListItem","@id":"https:\/\/rbach.net#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/rbach.net\/index.php\/blackhole-malware\/#listItem","position":3,"name":"Blackhole Malware","previousItem":{"@type":"ListItem","@id":"https:\/\/rbach.net\/index.php\/category\/security\/#listItem","name":"Security"}}]},{"@type":"Person","@id":"https:\/\/rbach.net\/#person","name":"RB","image":{"@type":"ImageObject","@id":"https:\/\/rbach.net\/index.php\/blackhole-malware\/#personImage","url":"https:\/\/secure.gravatar.com\/avatar\/277b077a94c848430275fca45f1992aa413a6acb98e489f0d4ea5771d8cd99f1?s=96&d=mm&r=r","width":96,"height":96,"caption":"RB"}},{"@type":"Person","@id":"https:\/\/rbach.net\/index.php\/author\/administrator\/#author","url":"https:\/\/rbach.net\/index.php\/author\/administrator\/","name":"RB","image":{"@type":"ImageObject","@id":"https:\/\/rbach.net\/index.php\/blackhole-malware\/#authorImage","url":"https:\/\/secure.gravatar.com\/avatar\/277b077a94c848430275fca45f1992aa413a6acb98e489f0d4ea5771d8cd99f1?s=96&d=mm&r=r","width":96,"height":96,"caption":"RB"}},{"@type":"WebPage","@id":"https:\/\/rbach.net\/index.php\/blackhole-malware\/#webpage","url":"https:\/\/rbach.net\/index.php\/blackhole-malware\/","name":"Blackhole Malware | Bach Seat","description":"Attackers are using the Blackhole malware exploit kit in phishing scam poses as an email notification from an HP Printer to steal user data","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/rbach.net\/#website"},"breadcrumb":{"@id":"https:\/\/rbach.net\/index.php\/blackhole-malware\/#breadcrumblist"},"author":{"@id":"https:\/\/rbach.net\/index.php\/author\/administrator\/#author"},"creator":{"@id":"https:\/\/rbach.net\/index.php\/author\/administrator\/#author"},"datePublished":"2011-12-01T21:15:30-05:00","dateModified":"2021-08-08T19:52:55-04:00"},{"@type":"WebSite","@id":"https:\/\/rbach.net\/#website","url":"https:\/\/rbach.net\/","name":"Bach Seat","description":"The view from where I am sitting","inLanguage":"en-US","publisher":{"@id":"https:\/\/rbach.net\/#person"}}]},"og:locale":"en_US","og:site_name":"Bach Seat | The view from where I am sitting","og:type":"article","og:title":"Blackhole Malware | Bach Seat","og:description":"Attackers are using the Blackhole malware exploit kit in phishing scam poses as an email notification from an HP Printer to steal user data","og:url":"https:\/\/rbach.net\/index.php\/blackhole-malware\/","og:image":"https:\/\/rbach.net\/wp-content\/uploads\/2011\/10\/malware2.jpg","og:image:secure_url":"https:\/\/rbach.net\/wp-content\/uploads\/2011\/10\/malware2.jpg","og:image:width":116,"og:image:height":116,"article:published_time":"2011-12-02T02:15:30+00:00","article:modified_time":"2021-08-08T23:52:55+00:00","article:publisher":"https:\/\/www.facebook.com\/ralph.bach.14","twitter:card":"summary_large_image","twitter:site":"@rbach48334","twitter:title":"Blackhole Malware | Bach Seat","twitter:description":"Attackers are using the Blackhole malware exploit kit in phishing scam poses as an email notification from an HP Printer to steal user data","twitter:creator":"@rbach48334","twitter:image":"https:\/\/rbach.net\/wp-content\/uploads\/2011\/10\/malware2.jpg"},"aioseo_meta_data":{"post_id":"10829","title":"#post_title #separator_sa #site_title&nbsp;","description":"#post_excerpt","keywords":[{"label":"AppRiver","value":"AppRiver"},{"label":"Blackhole","value":"Blackhole"},{"label":"Crimeware","value":"Crimeware"},{"label":"Malware","value":"Malware"},{"label":"Phishing","value":"Phishing"},{"label":"Search engine optimization","value":"Search engine optimization"},{"label":"SpyEye","value":"SpyEye"},{"label":"Zeus","value":"Zeus"},{"label":"HP","value":"HP"},{"label":"HPQ","value":"HPQ"},{"label":"Oracle","value":"Oracle"}],"keyphrases":{"focus":{"keyphrase":"malware","score":92,"analysis":{"keyphraseInTitle":{"title":"Focus Keyphrase in SEO title","description":"Focus Keyphrase found in SEO title.","score":9,"maxScore":9,"error":0},"keyphraseInDescription":{"title":"Focus keyphrase in meta description","description":"Focus keyphrase found in meta description.","score":9,"maxScore":9,"error":0},"keyphraseInURL":{"title":"Focus Keyphrase in URL","description":"Focus Keyphrase not found in the URL.","score":1,"maxScore":5,"error":1},"keyphraseLength":{"title":"Focus keyphrase length","description":"Good job!","score":9,"maxScore":9,"error":0,"length":1},"keyphraseInIntroduction":{"title":"Focus keyphrase in introduction","description":"Your Focus keyphrase appears in the first paragraph. Well done!","score":9,"maxScore":9,"error":0},"keyphraseInSubHeadings":[],"keyphraseInImageAlt":{"title":"Focus keyphrase in image alt attributes","description":"Focus keyphrase found in image alt attribute(s).","score":9,"maxScore":9,"error":0}}},"additional":[]},"primary_term":null,"canonical_url":null,"og_title":"#post_title #separator_sa #site_title","og_description":"#post_excerpt","og_object_type":"article","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":"","og_custom_url":null,"og_article_section":null,"og_article_tags":[],"twitter_use_og":true,"twitter_card":"summary_large_image","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[],"defaultGraph":"Article","defaultPostTypeGraph":""},"schema_type":"default","schema_type_options":"{\"article\":{\"articleType\":\"BlogPosting\"},\"course\":{\"name\":\"\",\"description\":\"\",\"provider\":\"\"},\"faq\":{\"pages\":[]},\"product\":{\"reviews\":[]},\"recipe\":{\"ingredients\":[],\"instructions\":[],\"keywords\":[]},\"software\":{\"reviews\":[],\"operatingSystems\":[]},\"webPage\":{\"webPageType\":\"WebPage\"}}","pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":"-1","robots_max_videopreview":"-1","robots_max_imagepreview":"large","priority":null,"frequency":"default","location":null,"local_seo":{"locations":{"business":{"name":"","businessType":"","image":"","areaServed":"","urls":{"website":"","aboutPage":"","contactPage":""},"address":{"streetLine1":"","streetLine2":"","zipCode":"","city":"","state":"","country":"","addressFormat":"#streetLineOne\n#streetLineTwo\n#city, #state #zipCode"},"contact":{"email":"","phone":"","phoneFormatted":"","fax":"","faxFormatted":""},"ids":{"vat":"","tax":"","chamberOfCommerce":""},"payment":{"priceRange":"","currenciesAccepted":"","methods":""}}},"openingHours":{"useDefaults":true,"show":true,"alwaysOpen":false,"use24hFormat":false,"timezone":"","labels":{"closed":"","alwaysOpen":""},"days":{"monday":{"open24h":false,"closed":false,"openTime":"09:00","closeTime":"17:00"},"tuesday":{"open24h":false,"closed":false,"openTime":"09:00","closeTime":"17:00"},"wednesday":{"open24h":false,"closed":false,"openTime":"09:00","closeTime":"17:00"},"thursday":{"open24h":false,"closed":false,"openTime":"09:00","closeTime":"17:00"},"friday":{"open24h":false,"closed":false,"openTime":"09:00","closeTime":"17:00"},"saturday":{"open24h":false,"closed":false,"openTime":"09:00","closeTime":"17:00"},"sunday":{"open24h":false,"closed":false,"openTime":"09:00","closeTime":"17:00"}}}},"breadcrumb_settings":null,"limit_modified_date":false,"ai":null,"created":"2020-12-21 03:50:44","updated":"2022-09-13 18:56:12","seo_analyzer_scan_date":null},"_links":{"self":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/10829","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/comments?post=10829"}],"version-history":[{"count":13,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/10829\/revisions"}],"predecessor-version":[{"id":132937,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/10829\/revisions\/132937"}],"wp:attachment":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/media?parent=10829"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/categories?post=10829"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/tags?post=10829"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}