• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 22nd, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Security
Malware

Attacker Embeds Malware in The Guardian’s Cybercrime Article

December 12th, 2015 Owais Sultan Cyber Crime, Malware, Security 0 comments
Attacker Embeds Malware in The Guardian’s Cybercrime Article
Share on FacebookShare on Twitter

An article published by The Guardian in 2011 on the topic Cybercrime: is it out of control? received a nasty response from a hacker who inserted a malicious URL inside one of the syndicated link embedments in the article.

The article published by the website was headlined “Cybercrime: Is it out of Control?” and the hacker gave a proper response to the writer by inserting a malicious URL which directed the user to a page having Angler Exploit Kit malware.

This was found by researchers (J.Gomez, Kenneth Hsu and Kenneth Johnson) from a security firm “FireEye”. Though, they found this on 1st December but published their findings in a blog post on 9th December. The blog post about the exploit said:

“When the syndication link is loaded in the background, readers are eventually redirected to Angler’s landing page via injected HTML that crafts the request to the Angler landing page”

attacker-embeds-malware-in-the-guardians-cybercrime-article-1-down

Image Source: FireEye

Furthermore, the researchers noted the vulnerability in VBScript in the attack and also a Flash exploitation.

[fullsquaread][/fullsquaread]

“Angler unconditionally attempted to exploit a popular vulnerability CVE-2014-6332. This is a memory corruption vulnerability in Windows Object Linking and Embedding (OLE) Automation that can be triggered through VBScript with Internet Explorer”.

Researchers also noted that this exploit was based on proof-of-concept which is publicly available. Techniques used in this attack are also based on the same concept.

The Angler Exploit Kit is very difficult to track down as it continually looks out for any security programs and if it founds any it quickly force abandons the attacks before the program notifies or runs a suitable docile script.

The Angler exploit role in this attack is what it is designed for i.e. to exploit any vulnerabilities in the browser or any other plugins in the browser once it finds the vulnerability it exploits by delivering the payload.

Guardian’s officials, when reached to comment on these findings, said, “We are aware of FireEye’s claims and are working to rectify the issue as soon as possible.”

[src src=”Source” url=”https://www.fireeye.com/blog/threat-research/2015/12/cybercrime-news.html”]FireEye[/src]

[src src=”Featured Image Via” url=”http://www.raidious.com/wp-content/uploads/2015/08/Dollarphotoclub_76939568.jpg”]Raidious[/src]

  • Tags
  • Cyber Crime
  • hack
  • Malware
  • Scam
  • security
  • virus
Facebook Twitter LinkedIn Pinterest
Previous article Anonymous 'Trolls ISIS' with Memes and Photoshopped Images
Next article “Vuvuzela” SMS Text Messaging System More Secure Than Tor
Owais Sultan

Owais Sultan

Owais takes care of Hackread's social media from the very first day. At the same time He is pursuing for chartered accountancy and doing part time freelance writing.

Related Posts
Massive privacy risk as hacker sold 2 million MyFreeCams user records

Massive privacy risk as hacker sold 2 million MyFreeCams user records

Gamarue malware found in UK Govt-funded laptops for homeschoolers

Gamarue malware found in UK Govt-funded laptops for homeschoolers

Shazam Vulnerability exposed location of Android, iOS users

Shazam Vulnerability exposed location of Android, iOS users

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Massive privacy risk as hacker sold 2 million MyFreeCams user records
Cyber Crime

Massive privacy risk as hacker sold 2 million MyFreeCams user records

20
Gamarue malware found in UK Govt-funded laptops for homeschoolers
Security

Gamarue malware found in UK Govt-funded laptops for homeschoolers

37
Shazam Vulnerability exposed location of Android, iOS users
Security

Shazam Vulnerability exposed location of Android, iOS users

364

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us