Stories
Slash Boxes
Comments

SoylentNews is people

Ransomware-Installing Exploit Kit Targets Flash Remote Code Execution

posted by takyon on Monday June 29 2015, @01:45PM   Printer-friendly
from the adobe-flash-vulnerable dept.

janrinok writes:

Another security story from The Register to start the week off:

Attackers have added a recent dangerous Adobe vulnerability to the Magnitude exploit kit, according to respected independent malware researcher "Kafeine". The remote code execution vulnerability (CVE-2015-3113) revealed last week allows attackers to hijack un-patched machines targeting Internet Explorer on Windows 7 and XP.

Web villains [sic] designated APT 3 by FireEye sleuths are already exploiting the flaw through phishing attacks. Now the researcher known as Kafeine says the vulnerability has been added to the Magnitude exploit kit in what is a significant elevation of risk for Flash users.

Kafeine says Magnitude attackers are using the exploit to drop the Cryptowall ransomware.

"CVE-2015-3113 has been spotted as a zero day by FireEye, exploited in limited targeted attacks. It's now making its path to exploit kits," he says.

Magnitude, said to generate as of August up to $US100,000 a month for its author, maintains about a third of the exploit kit market according to Trustwave. The researchers say the Magnitude author, thought to be a single Russian, could make up to $3 million a year.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Ransomware-Installing Exploit Kit Targets Flash Remote Code Execution | Log In/Create an Account | Top | 19 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Insightful) by Nerdfest on Monday June 29 2015, @02:15PM

    by Nerdfest (80) on Monday June 29 2015, @02:15PM (#202810)

    The last couple of articles have been about exploits targeting IE, PHP, and Flash. I'm glad we've moved on from those bad old days of the 90's.

    Starting Score:    1  point
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3  

  • (Score: 3, Insightful) by DarkMorph on Monday June 29 2015, @04:08PM

    by DarkMorph (674) on Monday June 29 2015, @04:08PM (#202864)
    To be fair that article spoke of a weakness in Magento, not PHP itself. There's a big difference between a vulnerability in PHP the script interpreter and a collection of scripts written in PHP. It likely wouldn't matter what language Magento was written in if the weakness strictly exists within the logic of their code.

    • (Score: 2) by Nerdfest on Monday June 29 2015, @06:10PM

      by Nerdfest (80) on Monday June 29 2015, @06:10PM (#202925)

      True, but PHP really does seem to help you a lot in writing exploitable code.