Cybercriminals exploit Java 0-day fears to serve malware
Posted on 18.01.2013
With all the recent Java zero-day vulnerabilities being exploited in the wild and Internet news outlets heavily covering the development of the situation, many users will look for updates for the popular computing platform.
As expected, malware peddlers were quick to exploit this development and have already set up compromised websites that supposedly offer the latest update (7u11) for download:
“The fake update in question is javaupdate11.jar, which contains javaupdate11.class that downloads and executes malicious files up1.exe and up2.exe,” Trend Micro researchers shared. (More…)
Continued at: http://www.net-security.org/malware_news.php?id=2381