Experts Observe that an EK other than Angler Being Employed by Hackers

Cbronline.comon published a report on 5th February, 2015 quoting many security researchers as "Hackers are using an exploit kit other than Angler to attack third Adobe Flash zero-day since the beginning of the year in trying to malign their computers with malware."

Analysts found that the patterns of the attack look similar to Hanjuan exploit kit than Angler with the fault apparently used by hackers to install malicious adverts onto sites like video platform Dailymotion, news site The Blaze and New York Daily news.

Threatpost.com published a report on 5th February, 2015 quoting Karl Sigler, threat intelligence manager of Trustwave, as saying "One of the interesting things about Hanjuan exploit kit is that it is very stripped down as compared to Magnitude or Angler, both of which are much complex. Hanjuan is hyper-focused on precise exploits and browser types and this simplicity makes it difficult to detect on the wire. You would see lot of communication on the wire with Angler or Blackhole but with Hanjuan you would see only yes or no. Either the browser is vulnerable or it will pass by."

This week, Trustwave discovered an exploit for the third Flash Player zero-day which is being delivered by Hanjuan. Kafeine, a French researcher, found this exploit in Angler using similar exploitation techniques as a Flash zero day making both parties believe that there is a possible connection between the two.

Recently, Adobe advised that the Hanjuan exploit was being distributed in drive-by downloads and malvertising attacks with ad networks used by major websites which redirected visitors to click-fraud malware and ransomware in some cases.

Securityweek.com published news on 5th February, 2015 quoting a recent blog of Jerome Segura, Senior Security Researcher of Malwarebytes while commenting on exploit kits as "Exploit kits are made of different parts which can be updated with time. This is very critical part because most of the software programs evolve and new vulnerabilities are discovered. Since there is a high demand for effective exploitation tools, there is a lot of money being spent to make the exploit kits better."

Adobe confirms that it is aware of the vulnerability and says that it is working to fix it and release it soon.

ยป SPAMfighter News - 2/10/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next