Java Zero-Day Exploit In The Wild, Spreading Ransomware
A new zero-day exploit in Java has been found in the wild. Currently, this exploit is being used by toolkits like the Blackhole Exploit Kit (BHEK) and the Cool Exploit Kit (CEK).
CEK is the creation of the same author responsible for Blackhole Exploit Kit. It appears to be a high-end version of the more accessible BHEK. Zero-day exploits are first incorporated into CEK and only added into BHEK once they have been disclosed. It has been reported that CEK was being used to distribute ransomware, particularly Reveton variants.
Reveton is one of the most common ransomware threats in existence today; these lock user systems and show spoofed notifications from local police agencies. These inform users that to unlock their system, they must pay a fine ranging from $200 to $300. We discussed these threats in our earlier report Police Ransomware Update. In addition, our researcher Loucif Kharouni observed that this year we will see more developments from toolkits. New toolkits that are stealthier or difficult to detect will emerge. Perhaps, this use of zero-day exploit is a taste of trends to follow with regards to cybercriminal toolkits.
To prevent this exploit, and subsequently the related payload, we recommend users to consider if they need Java in their systems. If it is needed, users must use the security feature to disable Java content via the Java Control Panel, that shipped in the latest version of Java 7. The said feature disables Java content in webpages. If Java content is not needed, users may opt to uninstall Java as it can pose certain security risk.
Trend Micro protects users from this zero-day exploit via its Deep Security rule 1005177 – Restrict Java Bytecode File (Jar/Class) Download. This rule blocks the .JAR and class files thus preventing users from downloading all related malware. OfficeScan with Intrusion Defense Firewall (IDF) plugin users can also apply this rule to protect users from the malicious .JAR and class files. Note that this rule blocks all Java content.
Watch this space for updates on a new rule that will be shipped for this particular exploit.
Incoming search terms
- parking man game nokia c3 320x240 download
- www one man army java game for opera mini dawonlod com
- Www Java Lodu Games Download
- www down load waptric games theor com
- waptric contra news
- waptiric mobile games jad and jar
- PHONEKY FIFA 16 JAD JAR
- 2 players local lodu java game
- Opera mini downlod by phokey
- New multiplayer mobile whot for java phone
- lodu gams dawnlod
- Java Phonkey game download
- Fiting game downloded java
- DEDOMIL AVANGERS2 JEUX JAVA com
- WWW PES218 COM NOKIA