Malware, Vulnerability Management

Researchers analyze Bedep malware linked to Flash Player attacks

Saboteurs have continued to target vulnerabilities in Adobe Flash Player in order to spread malware, called “Bedep.” 

And, now, researchers at Trend Micro have provided further insight on the threat, noting that it was featured as the final payload for an exploit leveraging CVE-2015-0313, a zero-day that Adobe plugged on Thursday

Bedep was also linked to Flash Player attacks in late January exploiting CVE-2015-0311, according to a blog post by Trend Micro research engineer Alvin Bacani.

Recent findings by Trend Micro suggest that Bedep's central aim is to enlist infected systems into botnets “for other malicious intentions,” he explained. The malware has caused infected hosts to download additional malware and carry out advertising fraud, for instance.

Bedep's file structure is similar to data stealing malware known as Vawtrak (or Neverquest), and uses “heavy encryption” and Microsoft file properties to skirt detection.

Related

Rootkit capabilities likely with Windows bugs

Several rootkit-like capabilities could be obtained by threat actors through the exploitation of vulnerabilities in Windows' DOS-to-NT path conversion process, including file and process concealment and compromised prefetch file analysis, reports The Hacker News.

Abusing GitHub flaw could compromise GitLab

Open-source DevOps software project GitLab has also been impacted by the same security issue in GitHub comments that has been exploited by threat actors through Microsoft repository-linked URLs to facilitate the distribution of malware that was made to seem to originate from credible entities' official source code repositories, according to BleepingComputer.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.