A recent vulnerability in the latest Adobe Flash version lead to a massive attack. More than 220000 pages on the Internet have been hacked most likely with an automated tool using a SQL injection attack. Those pages, some of well respected companies such as Nokia but also many non-profit organizations and town websites, redirect the user to websites that host the exploits for the Flash vulnerability.
If the system meets the requirements the exploit is used to download and execute trojans that steal information and droppers that download additional trojans. Information that are stolen are for example World of Warcraft account information while the droppers download files that add the computer to a botnet. (according to Trendmicro)
Most antivirus companies have already updated their software to disable the possibility that this exploit can be used on the computer the software is running on. Your best bet if you do not use antivirus software is to either disable Flash for now or use an extension like NoScript to block Flash on every domain but trusted ones.
Like such posts? Get updates via RSS NEWS FEED. Love Ghacks? Find out how you can help!
Related Posts
it just targets flash
4 Users Commented In This Post
Subscribe To This Post Comment Rss Or TrackBack URL