Chasing Java updates – the Whitehole Exploit Kit (WHEK)
The malware (detected as JAVA_EXPLOYT.NTW) takes advantage of the following vulnerabilities to download malicious files onto the system:

CVE-2012-5076
CVE-2011-3544
CVE-2012-4681
CVE-2012-1723
CVE-2013-0422

Worth noting is CVE-2013-0422, which was involved in the zero-day incident that distributed REVETON variants and was used in toolkits like the Blackhole Exploit Kit and Cool Exploit Kit. Because of its serious security implications, Oracle immediately addressed this issue and released a software update…

…Whitehole Exploit Kit is purportedly under development and runs in “test-release” mode. However, the people behind this kit are already peddling the kit and even command a fee ranging from USD 200 to USD 1800. Other notable features of this new toolkit include its ability to evade antimalware detections, to prevent Google Safe Browsing from blocking it, and to load a maximum of 20 files at once.

On January 13th, Oracle released the patch Java 7 Update 11 to address CVE-2013-0422 and the attacks that were already exploiting the flaw, such as Cool Exploit Kit and then Blackhole Exploit Kit.