The Latest in IT Security

New Java 0-day added to Blackhole Exploit Kit

29
Aug
2012

Earlier today we blogged about a new Java zero-day vulnerability (CVE-2012-4681) being used in a small number of attacks. That's about to change as exploit code for the Java vulnerability has been added to the most prevalent exploit kit out there; Blackhole.

Here's a snippet of the updated Blackhole code:

The Pre.jar file (VirusTotal link) will use the new vulnerability to install the malware (VirusTotal link) itself. In this particular attack it was a banking trojan as can be seen from our ThreatScope report. Websense customers using our Advanced Classification Engine (ACE) were proactively protected against the updated Blackhole kit by our real-time analytics.

Technically the new vulnerability is actually two separate vulnerabilities. A technical analysis of these two vulnerabilities is available at the blog Immunity Products in this post.

Leave a reply


Categories

FRIDAY, OCTOBER 20, 2017

Featured

Archives

Latest Comments

Social Networks