Researchers have discovered that some users have failed to install the latest patch Adobe released for a zero-day vulnerability, and hackers have taken advantage of the situation to continue infecting vulnerable devices with ransomware or Trojans that steal online banking logins and passwords.
Three exploit kits are currently in use: Neutrino, Magnitude and Angler. They exploit security vulnerabilities to infect devices with ransomware (CryptXXX and DMA Locker), while the best-known Trojan used to hijack banking credentials is dubbed Gootkit.
Angler spreads the Dridex banking Trojan, and it is employed through MS Office documents attached to emails. This method has been very productive, as it helped hackers steal no less than $30 million from bank accounts. As if this wasn't bad enough, the Angler Exploit Kit has been used in the EITest campaign to distribute a number of malware payloads, on occasion alongside the Neutrino EK. This infection affected devices where Adobe Flash Player had not been updated and had many vulnerabilities.
For the safety of their devices, users are advised to uninstall Flash Player, then get the latest version, and to install internet security software that will protect them against phishing scams. According to SANS, users fail to update their applications and to install new OS patches, and so they are vulnerable to malware. Amol Sarwate, director of engineering at Qualys, told SCMagazine.com that “Finding a zero day – i.e., previously unknown – vulnerability, is time consuming and involved. Instead, attackers are focusing their efforts on finding ways to exploit a vulnerability after a patch is released.” He explained that hackers use binary diffing/reverse engineering tools to find out how an unpatched target can be exploited.
He added that “Attackers get a high return if they can do this expeditiously as they depend on slower patch deployment” and “For high value targets like Adobe Flash we have seen quick exploit being developed and we expect this time to shorten further.”