Wednesday, 12 August 2015

IE Vulnerability Used To Distribute Ransomware

A vulnerability in Internet Explorer that Microsoft only three weeks ago patched is now actively used to infect computers with ransomware. The vulnerability exists in IE6 to IE11. Visiting a malicious or hacked website or see getting an infected ad is enough for an attacker to install malware on the computer for example.

The exploit that uses the vulnerability has been developed by the creators of the Angler Exploitkit. According to security researcher ' JuK 'of the blog Malware do not need Coffee makers could possibly since July 24 with the development of the exploit have been busy, two days after the release of the update. The makers of Angler developed previously often very quickly just exploits for unpatched vulnerabilities in Adobe Flash Player. Many Internet users are slow to patch. Even though there are security updates available, there are still computers are not up-to-date and can be attacked.


According to security firm FireEye is noteworthy that the creators of the Angler Exploitkit now suddenly focus on an IE vulnerability. In recent months, were in fact only developed exploits for Flash Player vulnerabilities, with an exploit for Microsoft Silverlight as an exception. One possible explanation, according to the security at the security measures Adobe has taken to prevent abuse of vulnerabilities.

Depending on the software installed Internet, try the Angler Exploitkit attacks through vulnerabilities in Flash Player, Silverlight and Internet Explorer. In case the attack is successful CryptoWall-ransomware is installed. This ransomware encrypts files on the computer and then asks for a fee to decrypt them.

No comments:

Post a Comment