BlackOS malicious web traffic managing software is on sale
Posted on 20.03.2014
Security researchers are keeping a close eye on underground cybercrime forums and are quick to spot new offerings, such as the BlackOS software package.


Not to be confused with the memory-scraping BlackPOS malware, BlackOS is actually a suite of tools aimed at making cyber crooks' job easier by centralizing the managing of traffic redirection from compromised or malicious sites via a web interface.

The package is capable of doing a number of things (as translated by Trend Micro from the advert in Russian):

1) Implement the optimal model of converting traffic. Distribute and installs on geo user agent;
2) Get a unique opportunity to refuse to sell iframe traffic ;
3) Automatically detect PR domains , links and implement an effective impact on the issuance of search engines ;
4) Get a fast , stable and socks5 private lists for any of your software, requiring the use of proxy;
5) Sort the list of accounts as fast as possible ;
6) Upload any of your scripts with verification . Pour shells and mass execute commands on them set / code cleanup , eval (), system (), sendmail and check antiDDOS ;
7) Perform a vulnerability scan on your servers
8) Proccess the parsing Databases of remote CMS
Its price is quite steep - $3,800 a year - and can be paid in crypto currency.

The researchers also did a little digging and analyzing, and they believe that BlackOS is a package that started its life as "Tale of the North," a similar web traffic managing software written and developed by a well known Russian spammer known by his online alias Peter Severa, and another colleague.

But, by his own public admission, Severa and the other developer parted ways due to a disagreement, and the latter is the one who is selling BlackOS, while Severa is apparently concentrating on running two affiliate programs.

For more details about the researchers' investigation into this particular software and cyber criminal actors, check out their blog post.









Spotlight

A data security guy's musings on the OPM data breach train wreck

There is still way too much apathy when it comes to data-centric security. Given the sensitive data the OPM was tasked with protecting, it should have had state-of-the-art data protection, but instead it has become the poster child for IT security neglect.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Tue, Jul 28th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //