Menu
Attackers are exploiting a zero-day vulnerability in Flash Player

Attackers are exploiting a zero-day vulnerability in Flash Player

The exploit was included in the Angler exploit kit, a security researcher reported

Attackers are using compromised websites to exploit a new and currently unpatched vulnerability in Flash Player, a malware researcher has reported.

The new exploit was observed in drive-by-download attacks launched with an exploit kit called Angler, according to an independent researcher who uses the online alias Kafeine.

Exploit kits are malicious Web applications that contain exploits for vulnerabilities in browsers and browser plug-ins such as Java, Flash Player, Adobe Reader and Silverlight. Attackers silently redirect users' browsers to exploit kit installations by inserting rogue code in compromised websites and malicious advertisements.

The kits choose which exploits to load from their arsenal depending on the visitor's browser and installed plug-ins. If successful, the exploits install malware. It's known as a drive-by-download attack and is typically transparent to users.

Exploit kits usually target known vulnerabilities, which is why it's important to keep browser plug-ins like Flash Player up to date. But that doesn't help if attackers have an exploit for a zero-day vulnerability -- one that's not been patched yet by the software vendor.

Zero-day exploits are valuable to hackers, which is why they're more commonly used in targeted attacks where the stakes are higher and the goal is usually cyberespionage. It's unusual to see them in mass attacks like those performed with Angler and other exploit kits.

The new zero-day exploit used in Angler worked successfully on the latest Flash Player version on Windows 7 with Internet Explorer 8, Windows 8 with Internet Explorer 10, and Windows XP with IE 6 to 9, Kafeine said in a blog post. Disabling Flash Player for some days might be a good idea, he said.

Adobe is aware of the report and investigating the claims, a spokeswoman said via email.

However, Kafeine claims he shared the exploit with the company, and that Adobe has confirmed it.

"The zero-day vulnerability in Flash Player, as discovered by Kafeine, could provide a big security risk for Internet users, effectively opening an unguarded window onto PCs worldwide," said Pedro Bustamante, director of special projects at security firm Malwarebytes, via email.

"The fact that it has seemingly been integrated into the Angler Exploit Kit shows that criminals are keen to use it to target people and businesses en-masse," he said. "Using a delivery mechanism such as Angler increases the chance of successful infections, allowing for accurate attacks through infected adverts on high traffic websites."


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags malwareAdobe SystemsExploits / vulnerabilitiesMalwarebytes

Events

Featured

Slideshows

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

This year’s Reseller News 30 Under 30 Tech Awards were held as an integral part of the first entirely virtual Emerging Leaders​ forum, an annual event dedicated to identifying, educating and showcasing the New Zealand technology market’s rising stars. The 30 Under 30 Tech Awards 2020 recognised the outstanding achievements and business excellence of 30 talented individuals​, across both young leaders and those just starting out. In this slideshow, Reseller News honours this year's winners and captures their thoughts about how their ideas of leadership have changed over time.​

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners
Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

This exclusive Reseller News Exchange event in Auckland explored the challenges facing the partner community on the cloud security frontier, as well as market trends, customer priorities and how the channel can capitalise on the opportunities available. In association with Arrow, Bitdefender, Exclusive Networks, Fortinet and Palo Alto Networks. Photos by Gino Demeer.

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security
Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomed 2019 inductees - Leanne Buer, Ross Jenkins and Terry Dunn - to the fourth running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing face of the IT channel ecosystem in New Zealand and what it means to be a Reseller News Hall of Fame inductee. Photos by Gino Demeer.

Reseller News welcomes industry figures at 2020 Hall of Fame lunch
Show Comments