Menu
Cybercriminals target Silverlight users with new exploit kit

Cybercriminals target Silverlight users with new exploit kit

An exploit for a known Silverlight vulnerability was added to the Angler Exploit Kit, researchers said

The creators of a Web-based attack tool called Angler Exploit Kit have added an exploit for a known vulnerability in Microsoft's Silverlight browser plug-in to the tool's arsenal.

Exploit kits are essentially malicious Web applications that check if visitors run outdated software on their computers and then exploit vulnerabilities in that software to install malware. They usually target popular applications that are accessible through browser plug-ins, such as Java, Flash Player and Adobe Reader.

The attacks launched by exploit kits are called drive-by download attacks and have become one of the main methods of distributing malware.

According to an independent malware researcher who uses the pseudonym Kafeine, aside from Java and Flash Player, Angler EK is now also targeting Silverlight, a runtime environment for rich Internet applications developed by Microsoft.

Angler EK appeared last month, shortly after the creator of the popular Blackhole exploit kit was arrested in Russia, and is being used by the cybercriminal gang behind the Reveton ransomware that impersonates law enforcement agencies and asks victims to pay non-existent fines.

Before switching to Angler, the Reveton gang used Cool Exploit Kit, a more high-end version of Blackhole, Kafeine said in a blog post.

Starting Thursday, Angler includes an exploit for a remote code execution vulnerability in Silverlight 5 that's known as CVE-2013-0074 and was patched by Microsoft in March, Kafeine said.

According to Timo Hirvonen, a senior researcher at antivirus company F-Secure, it's unusual for authors of exploit kits to target Silverlight. "I do not remember seeing exploit kits using Silverlight exploits before," he said via email.

It's not clear how many users have Silverlight installed on their computers, but their number is likely to be in the tens of millions.

Most Netflix users need Silverlight, and there are more than 40 million Netflix subscribers, so there are enough potential targets to make a Silverlight exploit attractive, Hirvonen said.

Angler EK loads the Silverlight exploit only if the Java or Flash Player versions installed on the computer are not vulnerable, according to Hirvonen. He believes the Silverlight exploit was added to Angler now because exploit code for CVE-2013-0074 was recently made public on the Packet Storm security website and cybercriminals are frequently reusing publicly available exploits.

Silverlight users should make sure they have all the patches available for the software installed. Silverlight security patches are normally distributed through the Windows Update mechanism.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags MicrosoftsecurityAdobe Systemsf-secureExploits / vulnerabilitiesmalware

Slideshows

Top 50 defining moments of the New Zealand channel in 2016

Top 50 defining moments of the New Zealand channel in 2016

Reseller News looks back on a tumultuous 12 months for the New Zealand channel, assessing the fallout from a year of sizeable industry change. Whether it be local or global mergers and acquisitions, distribution deals or job changes, the channel that started the year differs somewhat to the one set to finish it - Reseller News assesses the key moments that made 2016.​

Top 50 defining moments of the New Zealand channel in 2016
​Hewlett Packard Enterprise honours high achieving NZ channel

​Hewlett Packard Enterprise honours high achieving NZ channel

Hewlett Packard Enterprise honoured its top performing Kiwi partners at the second running of its HPE Partner Awards in New Zealand, held at a glitzy ceremony in Auckland. Recognising excellence across eight categories - from distributors to resellers - the tech giant celebrated its first year as a standalone company, following its official split from HP in 2015.

​Hewlett Packard Enterprise honours high achieving NZ channel
Nutanix treats channel partners to Christmas cruise

Nutanix treats channel partners to Christmas cruise

Nutanix recently took to the seas for a Christmas Cruise around Sydney Harbour with its Australia and New Zealand staff, customers and partners to celebrate a stellar year for the vendor. With the sun out, they were all smiles and mingled over drinks and food.

Nutanix treats channel partners to Christmas cruise
Show Comments