Java zero day infections increase

By

Exploit attacks thousands.

An exploit that takes advantage of a gaping hole in Java has exploded across the globe, researchers say.


Kaspersky researcher Kurt Baumgartner said the cases number in the thousands, primarily in the United States, Russia and Germany.

Malware analysts first spotted the Java exploit on 17 Decemeber, but it wasn't until last week that infection rates began soaring. Soon after, news of the zero day became public knowledge.

A chart created by Kaspersky also pointed to a significant number of victims in Italy, Canada, Britain and other parts of Europe, where, in some cases, users that clicked on ads were redirected to malicious web pages that served the malware.

These web pages hosted the BlackHole exploit kit, currently the most prevalent toolkit of its kind on the black market, which is often used to spread malicious code that leverages vulnerabilities in popular software like Java.

“There appears to be multiple ad networks redirecting to BlackHole sites, amplifying the mass exploitation problem,” Baumgartner said.

“We have seen ads from legitimate sites, especially in the UK, Brazil, and Russia, redirecting to domains hosting the current BlackHole implementation delivering the Java zero-day. These sites include weather sites, news sites, and of course, adult sites.”

In addition to BlackHole, the Java zero-day has been added to the Cool, Nuclear and Red Kit exploit kits, which are commercially available in criminal forums.

A patch for the flaw has been released.

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
exploitsjavakasperskyoraclesecurityvulnerabilities

Sponsored Whitepapers

Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra

Events

Most Read Articles

Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls
Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
CBA looks to GenAI to assist 1200 'security champions'

CBA looks to GenAI to assist 1200 'security champions'
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?