New exploits for Microsoft software, including the Windows operating system, have been added to the Purple Fox and Magnitude exploit kits. These kits are among the serious tools computer criminals use to launch large-scale network attacks. The newly found issues have been identified in major components such as the Internet Explorer web browser and its associated libraries.
CVE-2020-0674 and Other Dangerous Exploits Used in New Purple Fox and Magnitude Exploit Kits
The Magnitude Exploit Kit has been updated with new functionality that allows it to infect Internet Explorer users. The last active campaign using the newer update of the software was detected in Asia, specifically targeting Hong Kong, South Korea and Taiwan. The vulnerability it uses is tracked in the CVE-2019-1367 advisory. This was a zero-day vulnerability detected in Internet Explorer. It has since been addressed, and the company has released a patch.
The main method of spreading malicious code that can affect web browsers is malvertising. This includes the use of the Purple Fox Exploit Kit, which has been configured to exploit Microsoft Windows 10 through CVE-2020-0674. The exploit takes advantage of a security issue in the jscript.dll library, one of the core components used by the operating system. Abusing the issue leads to a leak that makes it possible to hijack information. A memory manipulation follows, which leads to the loading of malware.
One of the important aspects of the Purple Fox exploit kit is that the hackers behind it have created their own exploit kit instead of using a ready-made solution. This contrasts with hacking groups that have traditionally relied on malvertising using the RIG exploit kit.
Previous campaigns relied on the exploit kits to deliver ransomware. Language checks were made, and targets were chosen based on the results of that analysis. In newer versions, the language identification has been removed, as the targeted users were chosen based on their presumed geographical location.