Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    February 2013
    S M T W T F S
    « Jan   Mar »
  • Email Subscription

  • About Us

    Archive for February 6th, 2013

    In our 2013 security predictions, Trend Micro Chief Technology Officer Raimund Genes predicted that we will be seeing new toolkits this year. In a recent posting of Malware don’t need coffee a new emerging exploit kit dubbed Whitehole Exploit Kit was tackled. The name Whitehole Exploit Kit is just a randomly selected name to differentiate it from BHEK.  While it uses similar code as Blackhole Exploit kit, BHEK in particular uses JavaScript to hide its usage of plugindetect.js, while Whitehole does not. It directly uses it without obfuscating this.

    We analysed the related samples, including the exploit malware cited in certain reports. The malware (detected as JAVA_EXPLOYT.NTW) takes advantage of the following vulnerabilities to download malicious files onto the system:

    Worth noting is CVE-2013-0422, which was involved in the zero-day incident that distributed REVETON variants and was used in toolkits like the Blackhole Exploit Kit and Cool exploit kit. Because of its serious security implication, Oracle immediately addressed this issue and released a software update, which was received with skepticism.

    Read the rest of this entry »



    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice