Latest exploit used to sling CryptXXX ransomware
Security researchers are warning of a new wave of malvertising that harnesses the latest Flash exploit.
The attack features tainted ads from websites including dailymotion.com, vodlocker.com, answers.com and legacy.com.
Fraudulent advertisers are posing as legitimate retail or legal businesses in order distribute “conditional” malvertising, which then redirects to the Angler exploit kit, although that only happens if certain conditions are met.
Angler is using a very recently patched Flash Player exploit (CVE-2016-4117) in an attempt to infect the Windows PCs of surfers with the CryptXXX ransomware.
“This entire sequence does not require any user interaction at all.
As soon as soon as the advert gets displayed, the exploit redirection and infection automatically take place,” security firm Malwarebytes warns.
The attack exploits a flaw patched by Adobe two weeks ago, on 10 May. More details on the threat are due to be published by Malwarebytes in a blog post later today. ®
Sponsored: Rise of the machines