
JS/Blacole.OU

Posted: April 11, 2014

Threat Metric

Threat Level: 9/10
Infected PCs: 9
First Seen: April 11, 2014
Last Seen: November 29, 2021
OS(es) Affected: Windows


Although the Blackhole Exploit Kit has seen a sharp reduction in its distribution, at least one variant has been seen still active as of this month: JS/Blacole.OU. This JavaScript-based PC threat attempts to install threats onto the affected PC automatically, a process that does not require you to be aware of the installation. Malware researchers associate most successful BEK attacks with the installation of high-level PC threats, and any contact with JS/Blacole.OU may result in compromises that allow third parties to collect sensitive information or issue invasive commands to your PC. Website owners with poor security should act to remove JS/Blacole.OU if hackers insert it into their sites' code, and exposed victims should take proper steps to delete JS/Blacole.OU's payload with proper anti-malware software.

Another Trip Down the 'Black Hole' to Threats

The Blackhole Exploit Kit, also known as Blacole or BEK, has been one of the foremost PC threats involved in distributing threatening software in the past few years. Although the arrest of its apparent creator, Paunch, has caused a much-needed reduction in the number of attacks involving Blacole, malware researchers recently saw a new variant of this attacker appear in the wild. JS/Blacole.OU's last known attack was in April 2014 (although its payload is still being investigated).

JS/Blacole.OU is a JavaScript-based PC threat, and blocking JavaScript, or even keeping it disabled, should prevent your Web browser from being attacked by JS/Blacole.OU incidentally. Some Blacole attacks that could lead to contact with JS/Blacole.OU include Trojans hidden in spam e-mail attachments, along with hacked websites that host IFrames that redirect you to JS/Blacole.OU. In most cases, malware experts found that variants of BEK like JS/Blacole.OU installed high-level PC threats that often encompass:

  • Backdoor Trojans designed to give their designers remote control over your PC, including the ability to issue system commands, delete files or gather privileged information.
  • Rogue security products and other scamware that pretend to provide legitimate features, but have no working functions besides those necessary for tricking you into spending money on them.
  • Ransomware Trojans that lock your PC and, in some cases, even encrypt your files, until a ransom is paid to reverse the attacks.

Climbing out of a New Pit

Variants of Blacole tend to use automatically-detected software exploits to install threats. There usually are no symptoms of these attacks, although JS/Blacole.OU may display additional content that's intended to trick you into compromising your own computer (such as a fake software update pop-up). Keeping software updated may reduce the vulnerabilities JS/Blacole.OU can use, and is especially relevant for default Windows products, Java, JavaScript and Adobe's Flash. Malware experts also find that browser security features and Web security software are helpful for detecting and blocking JS/Blacole.OU.

Contact with sites suspected to host JS/Blacole.OU should be assumed to be a possible point of infection by sophisticated threats, as described previously. Malware researchers can recommend no better solution to this exposure than using general anti-malware solutions to scan your PC. Of course, if website administrators pay attention to their security, it is likely that JS/Blacole.OU will soon become just as extinct as many previous versions of JS/Blacole.OU, even if new exploit kits supplant it.
