There is a new software called BlackOS that automates the process of managing and exploiting websites, researchers said.
Malware developers started advertising BlackOS on underground forums in late February 2014, said researchers at Trend Micro in a blog post. While they advertise it as new, BlackOS stems from “Tale of the North,” a piece of software first identified by security researchers in September 2013.
“BlackOS allows a cybercriminal to squeeze out the most profit from his victims. It has a web interface which is used to manage the web traffic and its different features,” Trend Micro researchers said.
“It can cope with high volumes of Internet traffic, and inject iframes and redirect traffic as specified by its user.”
BlackOS and other tools like this can end up used by bad guys to manage web traffic coming from users who click on links in spam emails. Victims can end up directed to various websites depending on their geographic location.
“Tale of the North” developer Peter Sevara is facing criminal charges for using the Kelihos botnet for spam campaigns, the researchers said.
In addition, the reason BlackOS got its start is because Sevara had a misunderstanding with his Tale of the North partners, so they went their separate ways, the researchers said. After the break-up, Sevara’s partners started working on BlackOS, which is an updated version of Tale of the North.
A yearly subscription to BlackOS costs $3,800, but attackers can rent it for $100 per month (basic configuration).