Less than a week after Oracle Corp. released a patch for a Java remote code execution vulnerability, the flaw was targeted by cybercriminals infecting unprotected computers with ransomware, according to security researchers.
F-Secure said attacks on the vulnerability started on April 21, a day after the exploit for the flaw was added to Metasploit. Although Metasploit is an open-source tool used by penetration testers it is not uncommon for cybercriminals to adapt Metasploit modules for use in malware toolkits.
In its original advisory, Oracle rated the flaw’s impact at 4.3 in a scale of 10 using the Common Vulnerability Scoring Systems. Oracle said the vulnerability can only be exploited through untrusted Java Web Start applications and untrusted Java applets.
A blog post on the site Malwaredontneedcoffee.com said that CVE-2013-2423 was added into the Web attack tool kit Cool Exploit Kit which is used to install a malware called Reveton.
Reveton is a ransomware used by cybercriminals to extort money from victims. The malware locks down the operating system of an infected machine, warns victims that they had downloaded illegal files and demands that victims pay a fine.
Oracle said users should upgrade to the latest Java 7 version, Update 21, as soon as they can.
Understanding how IBM Spectrum Protect enables hybrid data protection
Abdicating your company’s data protection responsibilities to the first cloud solution provider you encounter is just as unwise as doing nothing at all to leverage the cloud. On the other hand, it can be a wise decision to investigate what results you might achieve by choosing a backup technology that is capable of supporting a hybrid protection approach capable of covering both on-premises technology and offsite cloud capabilities.