I read that before I posted, I swear! I'm still a little fuzzy though...
What does this mean?:
"1. The customer licenses the Blackhole exploit kit from the authors and specifies various options to customize the kit."
Is the "customer" the person trying to deliver the "malicious payload"?
What options are specified? What exactly are they customizing?
"2. A potential victim loads a compromised web page or opens a malicious link in a spammed email."
"3. The compromised web page or malicious link in the spammed email sends the user to a Blackhole exploit kit server's landing page."
"4 This landing page contains obfuscated JavaScript that determines what is on the victim's computers and loads all exploits to which this computer is vulnerable and sometimes a Java applet tag that loads a Java Trojan horse."
"5. If there is an exploit that is usable, the exploit loads and executes a payload on the victim's computer and informs the Blackhole exploit kit server which exploit was used to load the payload."
So, does the "hacker" specifically target a website to do this with? And is the website actually hacked into and they make it so it's redirected to a different server?
Once it redirects the user, code is used to determine which exploits can be used? What would be an example of an exploit?
What exactly would the payload consist of? Anything they want? Is it usually malware or something else?
It's a little over my head, I reckon. Thanks again!
