Hackers κατάφεραν να ανακαλύψουν μια νέα επικίνδυνη ευπάθεια του Adobe και να την προσθέσουν στο Magnitude exploit kit, according to independent security researcher Kafeine.
The remote implementation κώδικα της ευπάθειας (CVE-2015 έως και 3113) που αποκαλύφθηκε την περασμένη εβδteam in Adobe Flash allows attackers to compromise un-patched systems by targeting Internet Explorer on Windows 7 and XP.
Οι hackers σύμφωνα με τους ερευνητές της FireEye έχουν αρχίσει ήδη την διανομή κακόβουλου λογισμικού μέσω επιθέσεων phishing .
Kafeine researcher reports that the vulnerability has been added to the Magnitude exploit kit and due to the fact we will soon see an increase in attacks targeting Flash users.
The investigator also reports that attackers using the Magnitude exploit kit distribute the Cryptowall ransomware.
"The CVE-2015-3113 vulnerability, which has been flagged as zero-day by FireEye, is exploited in limited targeted attacks. But now it has been added to the Magnitude exploit kit. ”
Let's say the developer of the Magnitude exploit kit managed to win from August of 2014 that runs up to 100.000 dollars per month according to Trustwave [PDF].
Researchers report that the Magnitude developer must be Russian and that he could earn up to 3.000.000 dollars a year.