The malicious BlackOS software package has been updated and is now available on the cybercriminal underground for $3,800 per year.
As noted by Trend Micro, the updated software is better suited to process and manage website exploitation, providing a great return-on-investment for cybercriminals. A custom Web interface allows for better web traffic management and access to features that lead to redirected traffic and iframes injection.
"They do a mass attack, there are no specific targets as these websites are just a launch pad to perform their malicious attacks," said Chris Budd, Trend Micro threat communications manager, in a statement to SC Magazine. "They are usually looking for an easy access, once they are inside they will try to level up the privileges to gain root access on the machine and therefore be able to [make] use of the BlackOS features, which is inject a malicious IFrames in all web pages."
There is an alarming trend in sophisticated, well-written malicious programs that are readily available on underground cybercriminal forums.