Trend Micro, Malwarebytes and FireEye are among the security companies reporting that a recently patched Adobe Flash vulnerability has been added to the Nuclear Exploit Kit.
Adobe confirmed to Malwarebytes that a variant of CVE-2015-0336 is being exploited in the wild, according to a Thursday post, which explains that malware identified as Trojan.GenPe3.ED is being delivered.
“The Flash exploit was packed with secureSWF (a legitimate program from Kindi software) to protect it from decompilers and make security researchers' jobs more interesting,” Jerome Segura, senior security researcher with Malwarebytes, wrote in the post.
According to Trend Micro, the exploit is being served up to users via compromised websites. A Friday post explains that more than 8,700 users have visited URLs involved in the attack, with about 90 percent being from Japan and three percent being from the U.S.