Java zero-day infections pick up steam

Share this article:

An exploit that takes advantage of a gaping hole in Java has exploded across the globe, according to security firm Kaspersky Labs.

Researcher Kurt Baumgartner said the cases at least number in the thousands, primarily in the United States, Russia and German. Malware analysts actually first spotted the Java exploit on Dec. 17, but it wasn't until Wednesday morning that infection rates began soaring. Soon after, news of the zero-day became public knowledge.

A chart created by Kaspersky also pointed to a significant number of victims in Italy, Canada, the U.K., and other parts of Europe, where, in some cases, users that clicked on ads were redirected to malicious web pages that served the malware.

These web pages hosted the BlackHole exploit kit, currently the most prevalent toolkit of its kind on the black market, which is often used to spread malicious code that leverages vulnerabilities in popular software like Java.

“There appears to be multiple ad networks redirecting to BlackHole sites, amplifying the mass exploitation problem,” Baumgartner wrote. “We have seen ads from legitimate sites, especially in the U.K., Brazil, and Russia, redirecting to domains hosting the current BlackHole implementation delivering the Java zero-day. These sites include weather sites, news sites, and of course, adult sites.”

In addition to BlackHole, the Java zero-day has been added to the Cool, Nuclear and Red Kit exploit kits, which are commercially available in criminal forums.

SCMagazine.com reached out to Oracle, the maintainer of Java, which has yet to release a patch, but did not immediately hear back.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Adobe exploit used to spread Dyre credential stealer

Adobe exploit used to spread Dyre credential stealer

Users running vulnerable Adobe software could be in danger of having credentials for Bitcoin websites stolen.

Staples is investigating a potential issue involving credit card data

Staples is investigating a potential issue involving credit ...

The company said it is investigating a potential issue involving credit card data and that customers are not responsible for fraudulent activity on cards if an issue is discovered.

Skills set a priority over legacy prejudices, experts say

Skills set a priority over legacy prejudices, experts ...

Cybersecurity expert Winn Schwartau and Robert Clark, a cyber law attorney at the Army Cyber Institute, discussed issues around hiring in the information security industry.