Flash Player zero-day exploit infected nydailynews.com

Visitors to the New York Daily News website or Metacafe website recently could have been infected with malware, according to Malwarebytes.

The malware was being delivered via advertising redirected users to the Hanjuan Exploit Kit. Researchers only observed the exploit taking advantage of a recently patched Adobe Flash Player zero-day vulnerability – CVE-2015-0313.

The threat is a an auto download attack that requires no user interaction, meaning no clicking is required to become infected

This a stealth infection on a very public site that users expect to be “safe”. This is an example of why workstations need to be running up to date virus programs and have the latest security updates installed.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: