Web malware exploitation kits updated with new Java exploit

Cybercriminals are quick to capitalize on the announcement of a newly discovered vulnerability -- CVE-2011-3544 -- in Java.

According to researchers from M86 Security, popular web malware exploitation kits such as the Phoenix exploit kit 3.0 and the Blackhole Exploit Kit version 1.2.1 were updated with a new exploit before a patch had been released.

Does this mean that cybercriminals are actively relying on zero-day flaws as a success factor for their malicious campaigns? Not at all, as zero-day flaws are not the primary growth factor of the cybercrime ecosystem. Instead, cybercriminals rely on already patched vulnerabilities, whose active exploitation is the primary objective of web malware exploitation kits.

Based on third-party research from multiple sources, we can clearly conclude that end users aren't patching their third-party applications and browser plugins, making it fairly easy for cybercriminals to actively exploit this trend.

About

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community...
