NEWS FROM THE LAB - Tuesday, January 8, 2013

Cool Exploit Kit is Related to Blackhole Posted by Sean @ 15:05 GMT

Two months ago, Karmina and Timo wrote about clear similarities between the Cool and Blackhole exploit kits. Blackhole seemed to be copying (or perhaps replicating is a better word) techniques and exploits used by Cool. It appeared the two were closely related.

Yesterday, Brian Krebs exposed that relationship.


Cool is a premium exploit kit from the authors of Blackhole which uses custom exploits (as in zero-day) and costs $10,000 a month!

Blackhole costs "only" $700 for three months, or $1,500 for a full year. Once a custom exploit used by Cool goes public, and is thus no longer a zero-day, it gets added to the less expensive Blackhole.

Run, don't walk to Krebs on Security for all the details: Crimeware Author Funds Exploit Buying Spree