Java Vulnerability Reused for Fresh Drive-by Attack

Cyber-criminals are once again targeting Mac computers to spread their malware, making fresh use of the Java security flaw that the Flashback Trojan exploited. The new exploitation is designed to deliver a novel drive-by attack, reports security company Sophos.

Malware pushed through drive-by download attacks is regarded as inevitable on Windows computers. Various malware campaigns repeatedly target security flaws in widely used software such as Java, which Flashback attacked. These attacks normally follow one another in rapid succession.

In the current instance, the malware attack is cross-platform, targeting both Windows and Mac computers.

On Windows systems that aren't patched, the attack plants a backdoor. On Macs, a Python script is installed that performs the same task as a backdoor. Although it is comparatively less refined, the Python script still lets the attacker steal plentiful data and take control of the Mac remotely.

Sophos observes that there is a large difference between the current attack and the previous Flashback attacks. The company also notes that other cyber-crime syndicates are possibly trying to find ways of infecting Macs. Gmanetwork.com published this on April 29, 2012.

In addition, Sophos states that security updates fixing the Java flaws were available for Unix, Linux and Windows PCs from February 14, 2012, while updates for Macs were issued in early April of the same year.

Sophos reportedly identified the attack with malware such as Mal/JavaCmC-A and Mal/20113544-A.

According to the company, the Java malware pulled down more malicious programs onto the infected computer. These were identified as Mal/Cleaman-B for Windows and OSX/FlsplyDp-A (originally install_flash_player.py) for Mac.

The downloaded malware in turn loaded other malware: a backdoor named Troj/FlsplyBD-A onto the Windows PC, and a Python script named update.py onto the Mac.

Sophos' researchers advise users to be wary of the files update.py and update.sh; the latter, a shell script, runs the former, a Python script. They suggest deleting these files.

Overall, Graham Cluley, Senior Technology Consultant at Sophos, has urged computer users to keep their anti-virus solutions up to date in case of any suspected infection on their systems. Softpedia.com published this on April 28, 2012.


» SPAMfighter News - 04-05-2012
