Sunday, 21 June 2015

New ExploitKit Focuses Almost Entirely On Flash Player

Adobe Flash Player is the favorite target of cyber criminals has become instead of Java was the last few months several times already demonstrated , but a new trend exploitkit makes this clear again. The Beta Exploitkit, also known as Sundown, is a recently launched exploitkit which is still in the testing phase.

Through exploit kits can cyber criminals Internet users who miss security updates easily infect by example code on a compromised website or to hide in an advertisement. This code then sends visitors to the exploitkit. In the case of Sundown trying to infect the exploitkit Internet via six different vulnerabilities with malware.

This is according to researcher JuK of the blog Malware Do not Need Coffee to four vulnerabilities in Adobe Flash Player and two Windows. Researchers Aditya Sood and Rohit Bansal analyzed a different version in which a Windows vulnerability for IE vulnerability had made. Java, which was a favorite target in the past, is missing. A trend that is also seen in many other recent exploit kits.

The Windows leaks Sundown attacks dating back to 2013 and 2014, while the Flash Player vulnerabilities last year and this year. The IE vulnerability that Sood and Bansal saw was discovered in 2012 and patched. For all vulnerabilities are updates available. Yet there are still internet users who do not install these patches and so risk.

However, the Beta Exploitkit is itself not without faults. Sood and Bansal discovered errors in the administrator panel exploitkit, allowing them to log on and managed to retrieve all kinds of information, such as used server domains, users, domains, location of the victims and what kind of browser that surfing. The exploitkit is still in the testing phase, but the researchers expect that the coming months will be used by cyber criminals.

No comments:

Post a Comment