According to the experts of the tech giant Microsoft, a six-year-old vulnerability exploited by the attackers to spread malware Stuxnet, which is still the main vector of cyber attacks and the key instrument in the set of popular exploits Angler.

Hence, the number of Windows systems worldwide hit with malware infection attempts in the second half of last year jumped by nearly 6% over the earlier year to 20%.

Stuxnet Is Still The Popular Vulnerability Used By Hackers

Various malware groups exploit the vulnerability, but the users would be most likely to encounter it when confronted with the popular exploits Angler which has maintained its dominance in the crimeware market since the passing of Black Hole in 2013.

The critical vulnerability CVE-2010-2568 affects Microsoft Windows products and allows attackers to compromise the vulnerable system.

The problem is caused due to insufficient treatment of certain parameters in the Windows Shell when processing shortcuts (.lnk or .pif) during the connection icon.

This can be exploited via a specially crafted shortcut to execute arbitrary code on the system.

The vulnerability is known and has been well fixed ever since it became known about the powerful malware Stuxnet, which infected the systems of the uranium enrichment plant in the Iranian city of Natanz.

According to the reports, the Security Intelligence Reports to the tech giant Microsoft, as of the first half of 2015, this vulnerability was the most popular among hackers.

Typically, the malware Stuxnet was identified as a Win32 / CplLnk family representative. However, they were recorded, and the vulnerability affects the versions of Windows 8 and above.

The same report also says that in the past year, hackers have preferred sets of exploits (exploit kits) over other methods of propagation of malicious code that allow you to automate the infection process.

The most popular family of malware was Win32 / Gamarue, one of the largest and oldest botnets. Also, many potentially unwanted applications and phishing attacks against financial institutions are growing. In response to this, from 74.3% to 77.1% increase in the number of users working with real-time security applications.

As the Redmond company says that “high and medium -severity holes represented about 40 percent and 50 percent of all holes disclosed in the latter six months of last year compared to earlier months, the number of the former surging by 41.7 percent over the period”.

LEAVE A REPLY

Please enter your comment!
Please enter your name here