Adobe Flash Player is cyber-crooks’ Most Preferred Plug-In, Says Malware Bytes

According to Malwarebytes, threat actors continue to prefer Adobe Flash Player in 2015 too as their most liked browser plug-in.

The latest 0-day attack code CVE-2015-7645, which cyber-criminals abused during assaults, currently belongs to mainstream attack toolkits despite Adobe having patched it 16th October 2015.

Interestingly, the said 0-day vulnerability impacted all editions of Flash such as 18.x to 18.0.0.252 as well as 19.x to 19.0.0.207 on OS X and Windows PCs, while on Linux the editions impacted were 11.x to 11.2.202.535.

As per Adobe, successful exploitation was capable of leading to a crash while possibly let an attacker towards gaining hold over the affected computer.

Security firm Trend Micro, which unearthed the CVE-2015-7645 0-day vulnerability, substantiated that a hacker gang was abusing the flaw within real-life assaults targeted at the foreign affairs ministries of different countries. The gang apparently has close association with the Government-of-Russia and its name is Sednit alternatively referred to as Operation Pawn Storm.

Details of zero-days can be obtained over the Net; therefore, cyber-criminals quickly bring in the exploits within their own toolkits.

The latest editions of the Nuclear and Angler attack toolkits have been found actively abusing the bug in discussion as finds Malwarebytes whose clients' computers were being hijacked thereof.

So Malwarebytes notes that the integration of the 0-day bug within Nuclear and Angler exploit kits makes users of Flash still further susceptible to various attacks, particularly if their browser plug-in isn't made up-to-date.

Those who develop attack toolkits act aggressively in incorporating just-found security flaws into their wares while they do so within jus a week-or-so.

Angler EK developers, during August 2015, included support for a flaw in Internet Explorer within only weeks following Microsoft's patch for it. Angler EK was also made to incorporate one memory corruption vulnerability within earlier edition of Flash 17.0.0.188 during May 2015 and it was done just 2 weeks from the vulnerability's security patch. The vulnerability was as well included in Nuclear Pack, Neutrino and Magnitude exploit kits just some days later.

Eventually, for lessening the danger from the attacks, it's recommended that Flash users disable the plug-in else eliminate it completely.

» SPAMfighter News - 11/5/2015