Wednesday, 4 February 2015

1800 Subdomains Used For Flash Player Attack

Cybercriminals last week a large number of subdomains created and used for attacking Flash Player users. For carrying out the attack, the attackers used more than 50 legitimate GoDaddy accounts that they had hijacked. GoDaddy is an Internet domain registrar where to register. In addition, customers can through the GoDaddy account to manage their domain names. By this steal account information the attackers had access to a large number of domain names.

They used the access to create subdomains , which were then used to host a Flash Player exploit. This is an exploit for a vulnerability in Adobe Flash Player that on January 26 was patched this year. The use of subdomains took place between 26th and 30th of January. Unlike many attacks where cyber criminals hacking and using legitimate websites to infect visitors were not adjusted in this case the main domains.

The attackers used the subdomains created to host the Flash Player operates as well as an exploit for Microsoft Silverlight.Contaminated ads was then made ​​to these subdomains. Users with vulnerable Flash Player who got to see could be infected with malware in this way the ads, according to Cisco . Statistics from VirusTotal shows that exploits barely detected by virus scanners, which indicates that it is important to immediately install the available updates.

No comments:

Post a Comment