Mass attack hits patched Java flaw

Less than a week after Oracle Corp. released a patch for a Java remote code execution vulnerability, the flaw was targeted by cybercriminals infecting unprotected computers with ransomware, according to security researchers.

“A few days after oracle released its critical patch for Java and CVE-2013-2423 are already being exploited,” according to a blog post yesterday by the security company F-Secure. “Upon checking the history, the exploitation seems to have begun April 21st and is still actively happening (as of this post).”
(Image from F-Secure)
 
CVE-2013-2423 was one of the 42 security issues fixed in the Java 7 Update 21 released by Oracle on April 16.

F-Secure said attacks on the vulnerability started on April 21, a day after the exploit for the flaw was added to Metasploit. Although Metasploit is an open-source tool used by penetration testers it is not uncommon for cybercriminals to adapt Metasploit modules for use in malware toolkits.

RELATED CONTENT

U.S. says Java should be disabled
Five new Java SE 7 flaws spotted

In its original advisory, Oracle rated the flaw’s impact at 4.3 in a scale of 10 using the Common Vulnerability Scoring Systems. Oracle said the vulnerability can only be exploited through untrusted Java Web Start applications and untrusted Java applets.

A blog post on the site Malwaredontneedcoffee.com said that CVE-2013-2423 was added into the Web attack tool kit Cool Exploit Kit which is used to install a malware called Reveton.

Reveton is a ransomware used by cybercriminals to extort money from victims. The malware locks down the operating system of an infected machine, warns victims that they had downloaded illegal files and demands that victims pay a fine.

Oracle said users should upgrade to the latest Java 7 version, Update 21, as soon as they can.

 

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now