Malicious Attackers Add Malware to Guardian's Cybercrime Article | Hacked: Hacking Finance

Samburaj Das


Samburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.


This article was posted on Friday, 13:06, UTC.

If anything, this particular revelation shows the dark, warped sense of humor of malware peddlers and cybercriminals on the internet.


The Guardian, a prominent UK publication, had published an article headlined “Cybercrime: Is it out of Control?” that claimed cybercriminals are getting more audacious over time. Sure enough, cybercriminals audaciously injected a malicious URL into the syndicated-links embed on the page, which redirected users to the dreaded Angler Exploit Kit malware.


The discovery of the malware was made by security researchers J.Gomez, Kenneth Hsu and Kenneth Johnson at security firm FireEye on December 1, 2015.


The entire account of the discovery can be found in a blog post here.

An excerpt from the blog, explaining the exploit reads:

When the syndication link is loaded in the background, readers are eventually redirected to Angler’s landing page via injected HTML that crafts the request to the Angler landing page.

When it is loaded, the page executes an embedded script and redirects the reader to the Angler landing page, at which point the exploitation stage is set up with a new GET request.

Researchers note that the attack works through a vulnerability reached via VBScript in OLE Automation, and includes a potential Flash exploitation (quelle surprise).

Angler unconditionally attempted to exploit a popular vulnerability CVE-2014-6332. This is a memory corruption vulnerability in Windows Object Linking and Embedding (OLE) Automation that can be triggered through VBScript with Internet Explorer.

Furthermore, the researchers note that this particular exploit was based on a publicly available proof-of-concept. So too were the techniques used to attempt arbitrary code execution.

The Angler Exploit Kit routinely looks for security programs such as anti-virus software before determining its course of behavior. If an anti-virus product is discovered, Angler quickly forces the attack to die out and fail without being noticed, or alternatively runs a suitably docile script.

As usual, however, the Angler Exploit Kit malware also scans browsers for legacy and outdated versions of Adobe Reader, Java, Flash Player, Microsoft Silverlight and other plugins, exploiting vulnerabilities that are often already known in order to deliver its payload.

Upon reaching out to the publication, the researchers add that The Guardian is “aware of FireEye’s claims and are working to rectify the issue as soon as possible.”
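For publishers who embed syndicated content, the injected background redirect described above can be audited for. The following is an added example, not code from the article or from FireEye: it lists every tag in a page that makes the browser fetch a URL and flags hosts outside an allowlist. The host names, the sample page, and the hidden-iframe heuristic are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Hosts the publisher expects its pages to load from (constructed, hypothetical).
ALLOWED_HOSTS = {"news.example", "syndication.partner.example"}

def is_hidden(attrs):
    """Heuristic (assumption): 0/1-pixel size or CSS that hides the frame."""
    style = (attrs.get("style") or "").replace(" ", "").lower()
    tiny = attrs.get("width") in ("0", "1") or attrs.get("height") in ("0", "1")
    return tiny or "display:none" in style or "visibility:hidden" in style

class EmbedAuditor(HTMLParser):
    """Collect tags that cause a background fetch and flag unexpected hosts."""
    FETCHING = {"iframe": "src", "script": "src", "embed": "src", "object": "data"}

    def __init__(self, page_host):
        super().__init__()
        self.page_host = page_host
        self.findings = []

    def handle_starttag(self, tag, attrs):
        url_attr = self.FETCHING.get(tag)
        attrs = dict(attrs)
        url = attrs.get(url_attr) if url_attr else None
        if not url:
            return
        # Relative URLs resolve to the page's own host; "//host/x" keeps its host.
        host = urlparse(url).hostname or self.page_host
        reasons = []
        if host not in ALLOWED_HOSTS:
            reasons.append("host not on allowlist")
        if tag == "iframe" and is_hidden(attrs):
            reasons.append("hidden iframe")
        if reasons:
            self.findings.append((tag, host, reasons))

def audit(html, page_host):
    auditor = EmbedAuditor(page_host)
    auditor.feed(html)
    return auditor.findings

# Constructed sample page: two expected embeds, two that should be flagged.
SAMPLE_PAGE = """
<script src="/js/site.js"></script>
<iframe src="https://syndication.partner.example/widget" width="300" height="250"></iframe>
<iframe src="//landing.injected.example/gate" width="1" height="1" style="visibility: hidden"></iframe>
<script src="https://cdn.unknown.example/a.js"></script>
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE_PAGE, "news.example"):
        print(finding)
```

Because the injection described here sat in the syndicated content itself, the same audit should also be run over the HTML each syndication link returns, not only over the publisher's own page.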

Images from Wikimedia and FireEye.
