As spotted by FireEye, Angler EK is now exploiting CVE-2015-3090, patched with Flash 17.0.0.188.

Angler EK :
2015-05-26

Only in a few instances for now.
Angler EK successfully exploiting Flash 17.0.0.169 on Windows 7 running Internet Explorer 11 to push Bedep and an Adfraud module.
2015-05-27
Sample in that pass : 6cb6701ba9f78e2d2dc86d0f9eee798a
Fiddler sent to VT

Nuclear Pack :
2015-05-29

Thanks to Dan Caselden (FireEye), Timo Hirvonen (F-Secure) and Ladislav Janko (Eset) for CVE identification.
Nuclear Pack successfully exploiting Flash 17.0.0.169 in Internet Explorer 11 on Windows 7 to push Andromeda
Sample in that pass : 9545257d3799f1b4d9cc00ae01a1b147
Fiddler sent to VT

Magnitude :
2015-05-29

Thanks to Kaspersky for CVE identification.
Magnitude exploiting Flash 17.0.0.169 to drop Cryptowall
2015-05-29
Sample in that pass : 645162c4eca4a8ec5a5d7d3f4f8b57fe
Fiddler sent to VT

Neutrino :
2015-06-01

Thanks to Kaspersky and Microsoft for CVE identification.
Neutrino exploiting Flash 17.0.0.169 to drop Andromeda
2015-06-01 
Sample in that pass : 4e543ae5bafe9a1a1a8f6e8923c5d8a8
Fiddler sent to VT


Read more :
Angler EK Exploiting Adobe Flash CVE-2015-3090 - 2015-05-26 - Sai Omkar Vashisht, Corbin Souffrant, Yasir Khalid, Dan Caselden  - FireEye