'Blackhole' attack tool spreads across the internet

An online attack tool known as Blackhole has stormed onto the market in the first part of the year and is being used for large-scale attacks, according to experts.

Security vendor AVG said in its latest quarterly security report that the Blackhole Exploit Kit, which targets flaws and allows an attacking machine access to a vulnerable system, has become a favourite tool among cyber criminals in recent months.

Use of the malware spiked in February, in some cases rising as high as 800,000 attack attempts per day. The kit was also used for a large-scale attack on UK web users.

"Most of those detections seem to have originated from a combination of ad networks and adult sites, but most interestingly, they were targeting the UK more than anywhere else," AVG wrote in the report.

Blackhole accounted for 44 per cent of malware detections collected by AVG in the first quarter, and for more than 86 per cent of attack toolkit deployments.

The AVG report also highlighted a jump in Android malware, particularly in China, where an Android firmware update was repackaged with additional code on marketplace sites last month.

AVG estimates that roughly 0.2 per cent of Android applications are malicious, and that users have potentially logged as many as 7.8 million malicious application downloads.

The company also found that attackers have increased their attacks on social networking services.

Social engineering scams, which trick users into clicking on misleading links and visiting third-party sites, have greatly increased in frequency over the past year, Facebook being a particularly attractive target.

"Cyber criminals naturally tend to target the most popular applications or services used by the majority of internet users. In the case of Facebook it can reach out to a huge amount of people," AVG said.

"The built-in trust among 'friends' on social networks makes it easier for a cyber criminal to deploy successful attacks against these users."

AVG is not the only company to note a rise in threats on social networking sites such as Twitter. Security firms have pointed to the increased detail that profile information can give to potential attackers when conducting targeted attacks.