Hackers have managed to discover a new dangerous Adobe vulnerability and add it to Magnitude exploit kit, according to independent security researcher Kafeine.
Remote Vulnerability Code Execution (CVE-2015 to 3113) revealed last week in Adobe Flash allows attackers to violate un-patched systems by targeting Internet Explorer in Windows 7 and XP.
The hackers according to them researchers της FireEye έχουν αρχίσει ήδη την διανομή κακόβουλου λογισμικού μέσω attacks phishing.
Kafeine researcher reports that the vulnerability has been added to the Magnitude exploit kit and due to the fact we will soon see an increase in attacks targeting Flash users.
The researcher also reports that attackers using the Magnitude exploit kit are distributing it ransomware Cryptowall.
"The CVE-2015-3113 vulnerability, which has been flagged as zero-day by FireEye, is exploited in limited targeted attacks. But now it has been added to the Magnitude exploit kit. ”
Let's say the developer of the Magnitude exploit kit managed to win from August of 2014 that runs up to 100.000 dollars per month according to Trustwave [PDF].
Researchers report that the Magnitude developer must be Russian and that he could earn up to 3.000.000 dollars a year.