A cybercrime article from 2011 named as “Cybercrime: is it out of
control?" on the website of Guardian has been found to be serving up
the Angler Exploit Kit.
The Angler Exploit Kit is a Web-based utility toolbelt that hackers use to test the defenses of a user's computer.
The problem was discovered by FireEye Labs on December 01 which noticed
that this instance of Angler infection this not come from a tainted ad
but visiting the Guardian’s article about cybercrime.
Visiting the page would execute an embedded script to redirect the reader's browser to an Angler Exploit Kit landing page.
This particular vulnerability enables a "God Mode" on infected PCs,
giving attackers control over every face of the user's machine.
Angler exploit kit also scans for the Flash-based CVE-2015-5122,
CVE-2015-5560, and CVE-2015-7645 vulnerabilities which are less powerful
intrusions, compared to the Windows OLE one, but dangerous
nevertheless.
These vulnerabilities have been fixed by Microsoft and Adobe, and users
who keep their systems up to date have nothing to fear while reading the
article on Guardian.
Meanwhile, Guardian has assured to fix the contaminated links on its website.
This news came days after Angler was found serving malvertising to visitors of video site DailyMotion.
No comments:
Post a Comment