After Adobe recently patched the CVE-2016-4117 flaw that had been terrorizing users out there, other hackers have found ways to incorporate the exploit that was patched into some of their cyber attack tools, and now they have started to infect devices with the result of the tools they are using. FireEye, a security research company, discovered the malware and showed that cyber attackers have been using the new malware to attack users through the Flash content which was recently put into the Microsoft Word Office documents.
Adobe had to unpatch the CVE-2016-4117 vulnerability which was affecting the 126.96.36.199 Flash Player versions. The flaw was also affecting the Windows, OS X, Linux and Chrome operating systems. Adobe then repatched the flaw again two days later. Even after all this effort from Adobe, attackers still found a way to get into the code and exploit it, and use it in their attacks against web users.
After patching the malware again, and everyone thought the flaw would not haunt Adobe again, Kafeine, a security researcher who is popularly known in the cyber security circles, discovered the flaw again in Magnitude. Magnitude is considered to be one of the most popular exploit kits used by cybercriminals, and it seems like they have finally managed to install the malware on users computers if they visit any of the infected sites.
Even some of the legitimate websites also have and contain some malicious ads on them, and cyber criminals are thought to have had the same effect as any other malicious website. When users visit the websites that are infected with the virus, the malware inadvertently infects the devices without the knowledge of the owners. This is popularly known as malvertising and is mostly successful if and when users do not have efficient and convenient anti virus or anti malware software.
Most of the cyber espionage groups on the market and in the industry are more concerned about their kits at the moment, unlike the exploit kit creators who know that their exploits can only be used in vulnerabilities that are supposedly patched. The exploit kit creators and operators understand that nowadays, not many people update their Flash player anymore, but they do however spend a lot of time on the Internet browsing many websites and these are the malware ridden websites.
The exact number of victims who were unfortunate enough to install the infected malware in the two week period that Adobe did not give out a patch is unknown. Adobe has been working hard to patch all the exploits of the CVE-2016-4117 vulnerability. However, Kafeine reports that in April, at the beginning he had discovered another exploit that hackers were using to deliver the Cerber and Locky ransomware.