Wordpress has always been a favourite attacking conduit, so it's interesting to see it get some attention (for once).
McKinnon continues, "The creators of the Blackhole Exploit Toolkit also appear to be very organised with regular updates of their Crimeware, to the extent that exploits are constantly being refreshed with the goal of avoiding detection, and made available to subscribers of their service; literally it has become a Crimeware-as-a-Service business model.
"The Q1 report also details the previous encryption methods used by the toolkit, which appear to be technically inferior seemingly for the purpose of ensuring that out of date Blackhole Toolkits quickly become useless - further strengthening the Crimeware-as-a-Service assumption."
The report also observes, "Blackhole is a sophisticated and powerful exploit kit, mainly due to its ability to adapt (it is polymorphic) and in that its code being heavily concealed (obfuscated) to evade detection by anti-malware solutions. These are the main reasons it has a high success rate."
Of course this is just a tiny sampling of the sixteen-page report. iTWire recommends our readers download and digest it in its entirety.