2014-11-20 - Exploit Integration
CVE-2014-8440 (Flash up to 15.0.0.189) and Exploit Kits
Once again that's fast. Nine day (or less?) after patch
the vulnerability is being exploited in blind mass attack. No doubt about it : the team behind Angler is really good at what it does.
Angler EK :
Thanks Anton Ivanov ( Kaspersky ) for CVE identification.
CVE-2014-8440 successfully exploited by Angler EK 2014-11-20 |
The Sample is : 8181b7da3a53a7a6c1d23f852e85c446
Two Fiddler (Firefox and IE) pushed on VT : Fiddler_Angler_CVE-2014-8440_Password_is_malware.zip
[Edit : 2014-11-26]
This CVE that was used only in a specific (VIP?) Angler instance has been propagated to all Angler EK threads with 02d48a05c15f55a085be296ed12a5ed7 this afternoon.