Java 0-Day Exploit CVE-2013-0422

The infamous exploit packs Blackhole and Nuclear Pack now feature a new zero-day Java exploit targeting the vulnerability CVE-2013-0422. The latest version of Java, Java 7 Update 10, is affected.

These exploit packs are sold as “off the shelf” malware kits, which criminals use to infect any machine that visits a website they own, or one they have compromised and loaded with their malware infection tools.

Malware spreading through drive-by-downloads often utilizes exploit packs, which are able to serve malware variants without any user interaction, as opposed to other techniques relying on social engineering.

While users of ESET security products are protected from this threat (we detect it as Java/Exploit.CVE-2013-0422), we concur with the advice given by Brian Krebs to disable Java if it is not needed, so as to minimize the potential attack vectors used by malware.

By Robert Lipovsky - ESET Malware Researcher


Quoting Brian Krebs – Respected Security Expert and author of Krebs On Security:

The curator of Blackhole, a miscreant who uses the nickname “Paunch,” announced yesterday on several Underweb forums that the Java zero-day (known as CVE-2013-0422) was a “New Year’s Gift,” to customers who use his exploit kit. Paunch bragged that his was the first to include the powerful offensive weapon, but shortly afterwards the same announcement was made by the maker and seller of Nuclear Pack.
