A comprehensive attack on users of Adobe Flash Player remained hidden for two months before it was discovered by security researchers. Before the attack, the attackers were using an unknown vulnerability in Adobe Flash Player which on February 4 this year came with an update. Anti-virus company Malwarebytes, however, that the leak since December 10, 2014 was attacked.
Unlike many zero days, vulnerabilities for which an update is missing, it was not a question of targeted attacks against specific organizations or institutions. Just ad networks were used to attack ordinary Internet users and infect with ransomware and click fraud malware. Once an infected ad was shown a Flash Player user's computer could be infected with the malware.
For the spread of infectious ads used the attackers an ad network that reaches more than 500 million users in their own words. To prevent the attack would stand each visitor got infected ad only see once and were users with a VPN or proxy not infected. According Malwarebytes attackers tried in this way to hide the attack for security researchers and security.
Furthermore discovered the virus fighter that the attackers simply paid for the ads and there was no hacked ad networks. 0.75 cents was paid for 1,000 impressions, but this figure fell to 0.06 cents at less busy times. The ads appeared on separate popular websites, Malwarebytes states that, judging by the use of a zero-day and the execution of the attack, we were dealing with a professional operation. The attacks stopped in the end on February 3, a day after Adobe an emergency patch was announced for the leak.
No comments:
Post a Comment