Flash Exploit Currently In The Wild
Two exploit kits have been discovered that allow hackers to compromise computers. The vulnerability was patched last week, but many users are considered to still be at risk. The bug was spotted by French security researcher Kafeine. Risk is considered high because the exploit targets recent versions of Flash Player software.
Before the fix was released, the bug was a zero-day, meaning no fix was available. Two exploit kits, Angler and Magnitude, are able to take advantage of the flaw. The kits could deploy malware including ransomware, which restricts users’ access to files until a ransom is paid. Generally the ransom is paid using the digital currency Bitcoin.
According to researchers, a high number of Trend Micro customers appear to be using versions of Flash Player susceptible to the attack. Security experts are calling for users to update sooner rather than later.
Malware Don’t Need Coffee, a research blog, has seen an increased number of attacks from the Magnitude exploit kit targeting the Flash flaw. Flash exploits are notorious in the system administrator community. Flash is regarded as one of the most vulnerability-prone pieces of software in existence.
Last June, FireEye Singapore uncovered a phishing campaign run by the Chinese hacking group APT3. The team has a history of introducing zero-day browser exploits for Internet Explorer, Apple, Firefox, and Adobe Flash. After a successful hack, the group harvests credentials and moves to nearby systems to install backdoors.
Attack groups resell their exploits to other attackers to fund future work. It’s likely that other exploit kits will follow suit. Although Adobe has patched the flaw, it will still take time for the updates to propagate globally.