Slashdot Mirror

← Back to Stories (view on slashdot.org)

Adobe's Latest Zero-Day Exploit Repurposed, Targeting Adult Websites

Posted by samzenpus on from the watch-what-you-watch dept.

MojoKid writes Adobe issued a patch for bug CVE-2015-0311, one that exposes a user's browser to become vulnerable to code injection, and the now infamous Angler EK (Exploit Kit). To fall victim to this kind of attack, all someone needs to do is visit a website with compromised Flash files, at which point the attacker can inject code and utilize Angler EK, which has proven to be an extremely popular tool over the past year. This particular version of Angler EK is different, however. For starters, it makes use of obfuscated JavaScript and attempts to detect virtual machines and anti-virus products. Its target audience is also rather specific: porn watchers. According to FireEye, which has researched the CVE-2015-0311 vulnerability extensively, this exploit has reached people via banner ads on popular adult websites. It was also noted that even a top 1000 website was affected, so it's not as though victims are surfing to the murkiest depths of the web to come in contact with it.

14 of 203 comments (clear)

  1. Adblock, FTW by Kiaser+Zohsay · · Score: 5, Insightful

    Seriously, who even sees ads anymore?

    --
    I am not your blowing wind, I am the lightning.
  2. Maybe if Adobe fixed their broken updater... by GerbilSoft · · Score: 4, Insightful

    Selecting "automatically update" doesn't actually automatically update. It just causes it to complain that an update is available every time you reboot and/or log on.

    Maybe if Adobe fixed this, there wouldn't be so many success Flash-based attacks.

    1. Re:Maybe if Adobe fixed their broken updater... by Anonymous Coward · · Score: 3, Insightful

      I totally agree. I solved this by disabling any Adobe stuff on any browser or platform or device.

      And when you go to Update it. It takes you to a web page. If you're not paying attention, it will try to install other stuff like the useless Mcaffee. The Adobe web page downloads a shim installer - not the real thing. The shim installer downloads the real thing and then installs that...

      Do Adobe programmers smoke crack or something?

    2. Re:Maybe if Adobe fixed their broken updater... by s.t.a.l.k.e.r._loner · · Score: 5, Insightful

      Mandatory: http://xkcd.com/1197

  3. Well I guess it's a good thing... by SeaFox · · Score: 3, Insightful

    I block ads on ALL websites.

    1. Re:Well I guess it's a good thing... by gstoddart · · Score: 5, Insightful

      I'm curious... At this point do we just expect everything to be 100% free? Or do we think money fairies give companies the capital to pay for bandwidth and processing power?

      Hey, there will always be people who don't block ads. Some sites have subscriptions, which people are free to use.

      But the reality is, most sites with ads are infested with literally dozens of third party crapware, places which sideload junk into your system (specifically through crap like Flash), and which want to collect collate and sell your private information.

      I will allow a site which serves its own advertising to show ads as long as they're not overly intrusive. But doubleclick, discus, scrorecard reasearch, quantcast, facebook, twitter -- and literally hundreds of other shit sites I have no interest in, well -- that's not my problem.

      I'm visiting your website. Unless you lock me out via subscription (in which case I'll ignore your site), I do not owe you ad revenue, and I sure as shit don't owe the 20 other sites embedded in your website anything.

      Honestly, if you eventually go out of business ... that is not my problem. Protecting myself from marketers and malware is my problem, and quite frankly, Flash gets reported as loading up malware pretty regularly. I've treated it as malware for over a decade now.

      But let's not act like I owe you something. And let's certainly not act like just because you collect your money from a bunch of shady assholes that I owe them anything.

      --
      Lost at C:>. Found at C.
    2. Re:Well I guess it's a good thing... by phantomfive · · Score: 4, Insightful

      At this point do we just expect everything to be 100% free? Or do we think money fairies give companies the capital to pay for bandwidth and processing power?

      I used to agree with you, but at this point, it's too dangerous to not block ads. You never know when one of them will be malware, and it's not a risk I want to take.

      Last time this conversation came up, someone suggested that the internet was better before advertising. I think there's some truth to that.

      --
      "First they came for the slanderers and i said nothing."
    3. Re:Well I guess it's a good thing... by fightinfilipino · · Score: 5, Insightful

      I'm curious... At this point do we just expect everything to be 100% free? Or do we think money fairies give companies the capital to pay for bandwidth and processing power?

      i'm curious...at this point should we accept malware as just a regular part of going to websites?

      the question's rhetorical of course - until websites prevent malware from being distributed through their ad networks, i will block ALL ads to defend my computer.

    4. Re:Well I guess it's a good thing... by gstoddart · · Score: 3, Insightful

      They don't owe me a damned thing, and I don't owe them anything -- but until they find a technology solution to stop me, too damned bad.

      I'm still going to block as many advertising and analytics companies as I can, using as many plugins as I can find. In every browser I use.

      The sites I read aren't in any danger of going under because I don't give them ad views -- and even if they were, I still don't trust the companies involved.

      But blocking Facebook and Twitter and the big ad/a analytics companies? If you think I give a crap about that, you're sadly mistaken.

      So you go ahead and be a well behaved little consumer, me, I'll continue to not give a crap about the revenue of large corporations.

      --
      Lost at C:>. Found at C.
    5. Re:Well I guess it's a good thing... by Anonymous Coward · · Score: 2, Insightful

      We don't feel entitled to their content.

      They are free to remove their content from the internet, or put it behind a paywall. But we ask them for a page, they give us a page. What we do with the page after we get it is up to us.

    6. Re:Well I guess it's a good thing... by bigfinger76 · · Score: 2, Insightful

      They don't "owe" us anything.
      They choose to put info up at a public website. What internet users do with their respective browsers is irrelevant.

  4. Re:Something Suspicious by FreonTrip · · Score: 5, Insightful

    It's a problem born from software bloat. It was originally intended to be a means of drawing vector graphics and simple animations, but there was a void in functionality in the days before PCs were fast enough to handle Javascript (or even had browsers that could cope with the highly abstracted pages written now). So more functionality was added, and with that came layer after layer of gooey, exploitable cruft. Now Flash doesn't just offer vector graphics. It's a multimedia environment with DRM, a method of offering rich internet applications, a video player, and a buttload more besides. All that bloat's been encouraged because Adobe wants Flash to be used by as many people as possible - it's publicly traded, you've got to show investors and stockholders where all that money's going - and we've now arrived at the point where it's a suppurating pile of vulnerabilities and patched-together functionality with legacy support, far more trouble than it's worth for most users.

  5. Re:Adobe Flash Installer Download Knows About Thes by FreonTrip · · Score: 5, Insightful

    It's galling, isn't it? "We know our software's as safe on the unprotected web as a Craigslist hookup, so be sure to keep this software rubber handy." And it might not be so insulting if McAfee was good at anything besides eating hardware resources...

  6. Security Issues by TrollstonButterbeans · · Score: 5, Insightful

    "How come such a relatively simple files - something that essentially plays media content - continues to be such a hot-bed of vulnerabilities".

    Flash didn't start out as a media player, per se, but an interactive presentation layer for animations and for a while imagined itself as browser-independent web based user interface programming language.

    So it is a complex unwieldy beast.

    --
    Priest: "Universe from nothing, no laws of physics, sped up time"+ huge discrepancies. Creationism? No. Big Bang Theory