• Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Home
  • About Darknet
  • Hacking Tools
  • Popular Posts
  • Darknet Archives
  • Contact Darknet
    • Advertise
    • Submit a Tool
Darknet – Hacking Tools, Hacker News & Cyber Security

Darknet - Hacking Tools, Hacker News & Cyber Security

Darknet is your best source for the latest hacking tools, hacker news, cyber security best practices, ethical hacking & pen-testing.

Flash Zero Day Being Exploited In The Wild

January 22, 2015

Views: 2,530

This is not the first Flash Zero Day and it certainly won’t be the last, thanks to the Sandbox implemented in Chrome since 2011 – users of the browser are fairly safe.

Those using IE are in danger (as usual) and certain versions of Firefox.

Flash Zero Day Being Exploited In The Wild

It has been rolled into the popular Angler Exploit Kit, which seems fairly prevalent although not as popular as Blackhole historically.

A zero day Flash vulnerability is being actively exploited by criminals using the popular Angler exploit kit. Adobe is investigating the report by respected French malware researcher Kafeine, who found the exploit kit circulating on cybercrime forums.

The vulnerabilities affected Flash Player versions up to 15.0.0.223 and the latest 16.0.0.257, he said. Punters on Windows 8.1 are safe, along with those using Google Chrome thanks to use of sandboxing.

Those operating other Windows platforms with Internet Explorer versions 10 and below, and some Mozilla Firefox versions, have been confirmed as vulnerable to the exploit. The free version of MalwareBytes’ Anti-Exploit tool prevented the attack, but it is as yet unknown if Microsoft’s Enhanced Mitigation Exploit Tool can fight the attack.

It’s not yet known if Microsoft EMET blocks this attack, but MBAE does.

It seems like the drive by malware slingers are stepping up their game and investing time into obfuscation and encrypted payloads to make detection/blocking more difficult.

The exploit kit drops the Bedep trojan which could serve as a persistent advertising slinger and malware downloader, (last version of Win7 at least) is bypassed. Angler remains one of the most proflic exploit kits.

The zero-day came as Cisco warned separately that exploit kit writers were taking more time to write obfuscated code. This would ostensibly prolong the life of investments such as the discovered Flash zero day that would decrease in effectiveness after users applied the imminent Adobe patches. Cisco bods in a new annual report (pdf) painted Angler as the most active kit last year, followed by Sweet Orange and Goon.

“Angler’s use of Flash, Java, Microsoft Internet Explorer, and even Silverlight vulnerabilities makes this exploit kit the ‘one to watch’,” Cisco bods said.

“Once the exploit is triggered, the malware payload is written directly into memory in a process such as iexplore.exe, instead of being written to a disk. “The payload delivered by Angler looks like a blob of encrypted data, which makes it harder to identify and block.” Angler was more popular having spiked in August thanks to a developer decision to nix the need to download Windows executables to foist malware.

It seems like there’s quite a few Exploit kits floating around, which basically bundle together a whole set of exploits and pop a web browser however they can to install further malware, things like Bedep just slurp down even more malware and install that covertly on a victims machine.

That’s usually why when you see an infected machine, it has a LOT of malware on it – not just one thing.

Source: The Register

Share37
Tweet71
Share17
Buffer
WhatsApp
Email
125 Shares

Filed Under: Exploits/Vulnerabilities, Malware Tagged With: flash, flash exploit, flash security, flash vulnerability, flash zero day



Primary Sidebar

Search Darknet

  • Email
  • Facebook
  • LinkedIn
  • RSS
  • Twitter

Advertise on Darknet

Latest Posts

AgentSmith HIDS - Host Based Intrusion Detection

AgentSmith HIDS – Host Based Intrusion Detection

padre - Padding Oracle Attack Tool

padre – Padding Oracle Attack Exploiter Tool

Privacy Implications of Web 3.0 and Darknets

Privacy Implications of Web 3.0 and Darknets

DataSurgeon - Extract Sensitive Information (PII) From Logs

DataSurgeon – Extract Sensitive Information (PII) From Logs

Pwnagotchi - Maximize Crackable WPA Material For Bettercap

Pwnagotchi – Maximize Crackable WPA Key Material For Bettercap

HardCIDR - Network CIDR and Range Discovery Tool

HardCIDR – Network CIDR and Range Discovery Tool

Topics

  • Advertorial (28)
  • Apple (46)
  • Countermeasures (225)
  • Cryptography (82)
  • Database Hacking (89)
  • Events/Cons (7)
  • Exploits/Vulnerabilities (430)
  • Forensics (64)
  • Hacker Culture (8)
  • Hacking News (228)
  • Hacking Tools (681)
  • Hardware Hacking (82)
  • Legal Issues (179)
  • Linux Hacking (72)
  • Malware (238)
  • Networking Hacking Tools (352)
  • Password Cracking Tools (104)
  • Phishing (41)
  • Privacy (218)
  • Secure Coding (118)
  • Security Software (233)
  • Site News (51)
    • Authors (6)
  • Social Engineering (37)
  • Spammers & Scammers (76)
  • Stupid E-mails (6)
  • Telecomms Hacking (6)
  • UNIX Hacking (6)
  • Virology (6)
  • Web Hacking (384)
  • Windows Hacking (169)
  • Wireless Hacking (45)

Security Blogs

  • Dancho Danchev
  • F-Secure Weblog
  • Google Online Security
  • Graham Cluley
  • Internet Storm Center
  • Krebs on Security
  • Schneier on Security
  • TaoSecurity
  • Troy Hunt

Security Links

  • Exploits Database
  • Linux Security
  • Register – Security
  • SANS
  • Sec Lists
  • US CERT

Footer

Most Viewed Posts

  • Brutus Password Cracker – Download brutus-aet2.zip AET2 (2,181,988)
  • Darknet – Hacking Tools, Hacker News & Cyber Security (2,172,353)
  • Top 15 Security Utilities & Download Hacking Tools (2,095,362)
  • 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) (1,198,682)
  • Password List Download Best Word List – Most Common Passwords (931,852)
  • wwwhack 1.9 – wwwhack19.zip Web Hacking Software Free Download (774,478)
  • Hack Tools/Exploits (672,593)
  • Wep0ff – Wireless WEP Key Cracker Tool (528,865)

Search

Recent Posts

  • AgentSmith HIDS – Host Based Intrusion Detection August 31, 2023
  • padre – Padding Oracle Attack Exploiter Tool May 28, 2023
  • Privacy Implications of Web 3.0 and Darknets March 31, 2023
  • DataSurgeon – Extract Sensitive Information (PII) From Logs March 21, 2023
  • Pwnagotchi – Maximize Crackable WPA Key Material For Bettercap February 12, 2023
  • HardCIDR – Network CIDR and Range Discovery Tool December 29, 2022

Tags

apple botnets computer-security darknet Database Hacking ddos dos exploits fuzzing google hacking-networks hacking-websites hacking-windows hacking tool Information-Security information gathering Legal Issues malware microsoft network-security Network Hacking Password Cracking pen-testing penetration-testing Phishing Privacy Python scammers Security Security Software spam spammers sql-injection trojan trojans virus viruses vulnerabilities web-application-security web-security windows windows-security Windows Hacking worms XSS

Copyright © 1999–2023 Darknet All Rights Reserved · Privacy Policy