The cyber criminals currently abusing a new and unpatched vulnerability in Adobe Flash Player to infect computers with malware, have improved their method. The improvement means that now also Mozilla Firefox users are vulnerable to the attack. Earlier today we reported that security researcher Kaffeine from the blog “Malware Don’t Need Coffee” announced a zero-day leak in the Adobe Flash Player. The leak was exploited though the Angler Exploit Kit.
The discovered attacks were successful on Windows XP systems with IE6 to IE8, systems running Window 7 with IE8, and also Windows 8 and Windows 8.1 respectively running IE10 and IE11 were found to be vulnerable. Later today Kaffeine reported that the cybercriminals have modified their exploit in such a way that it’s now also able to infect systems that visit websites distributing the malware with a Firefox browser. The attack is confirmed to work on Firefox 35 with the most recent Flash player.
Once the leak in Flash is successfully exploited, infected computers become part of the Bedep botnet which in its turn installs additional malware and abuses infected machines for click fraud.
Yesterday Adobe reported it was investigating the issue, but so far the company has not confirmed the vulnerability nor provided additional information. While Adobe is (hopefully) working on a fix for the leak, it’s recommended to temporarily disable the Adobe Flash Player.