in Meddling, X-Geek

Blackhole exploit detected

I was putting some dinner on the table for the kids this evening when I walked by my laptop. There were two new tabs open on my Ubuntu Firefox browser that I didn’t remember opening. Popping one of these mystery URLs into urlquery.net indicated that the URL in question has been associated with distributing browser malware, essentially letting Russian criminals access my web browser.

URL http://disruptingplayhouse.biz/closest/i9jfuhioejskveohnuojfir.php
IP 93.171.174.224
ASN AS29182 ISPsystem Autonomous System
Location [Russian Federation] Russian Federation
Report completed 2013-09-04 23:50:04 CET
Status Report complete.
urlQuery Alerts Detected BlackHole v2.0 exploit kit URL pattern
Detected live BlackHole v2.0 exploit kit

Now, the fact that I’m running Linux and I usually keep my laptop updated might help keep me from being infected by this exploit kit. I can’t tell for sure, though, so I’m running a good virus scan on my system first. It just goes to show that you can never let your cyber guard down.

I recall some mention this week about a potentially huge cyber attack taking place soon. Can’t find the link now but I’ll see if I can find it.