Hackers are employing a drive-by download attack to exploit a vulnerability in Flash Player. What sets this campaign apart, researchers at Malwarebytes have found, is that the hackers are using encryption to package exploits on the fly. The researchers are calling it Hidden Bee Miner.
Patrick Ciavolella, Digital Security & Operations Director at The Media Trust:
“The hidden bee miner shows how bad actors have ingeniously combined a variety of techniques and infrastructure to both maximize the campaign’s spread and minimize the chance of detection. The miner spreads by compromising ad traffic and redirecting them to the exploit’s landing page. It escapes detection by malware blockers and other traditional detection tools because it is not only obfuscated, but also encrypted, requiring a key exchange with the backend server. This makes replaying the malicious traffic nearly impossible even for malware analysts. Another unique feature is the payload’s use of a bootkit, which cannot be detected by an operating system or an anti-malware tool. Even if it were detected, it couldn’t be deleted without damaging the infected device or machine. To prevent such increasingly sophisticated malware in their tracks, website operators need to continuously scan their sites in real time so they can identify unknown malware, terminate their source, and prevent them from infecting their visitors. The ability to thwart this aggressive malware is all the more crucial as consumer data protection laws proliferate across sought-after markets.”