Ransomware Uses Java Zero Day

Monday, January 14, 2013 @ 02:01 PM gHale


More exploits continue to take advantage of the newly found Java 7 Zero Day exploit as variants of the Reveton ransomware are starting to surface, security researchers said.

Not to lose out on an opportunity, malware developers are jumping at the chance to take advantage of this vulnerability as it is already in a few exploit kits including Blackhole, Cool, Nuclear Pack and Redkit, said researchers at Trend Micro.

RELATED STORIES
Java Zero Day Exploits Ready to Go
Adobe Fixes Acrobat, Reader, Flash
Malware Targets Java HTTP Servers
Adobe Shockwave Vulnerabilities

The Cool Exploit Kit features the ransomware attacks, researchers said.

Trend Micro said it updated its products to detect the webpages that load the exploit code, and also the payloads they serve.

Security experts said the best way for users to protect themselves against the threat is by disabling or completely removing Java.

US-CERT also issued an advisory to warn users about the vulnerability and they also recommend disabling Java until a proper patch comes out.
http://www.kb.cert.org/vuls/id/625617



Leave a Reply

You must be logged in to post a comment.