Adobe reader 0-day vulnerability with modified BlackHole

[Br33k]

Group-IB, a Russian cybercrime investigation company has discovered a zero-day vulnerability, affects Adobe Reader X and Adobe Reader XI. The vulnerability is also included in new modified version of Blackhole Exploit-Kit, which is used for the distributing the banking Trojans (Zeus, Spyeye, Carberp, Citadel) with the help of exploitation different vulnerabilities in client-side software.

The particular exploit is available in underground forums for as much as $50,000 and bug is dangerous because it permits cybercriminals to run arbitrary shellcode by bypassing the sandbox feature integrated into the more recent versions of Adobe Reader.

For now this flaw is distributed only in only small circles of the underground but it has the potential for much larger post-exploitation methods.

The exploit is limited to Microsoft Windows installations of Adobe Reader and it can’t be fully executed until the user closes his Web browser (or Reader). Adobe representatives said that they were not aware of the issue. If Group IB’s discovery is confirmed and Adobe patches it, it would end the software maker’s two year run on zero real attacks against the sandboxed versions of Reader.

PoC at youtube: "Adobe Reader X/XI zero-day flaw found by Group-IB"

 

[VasiliyPupkin]

Delete.

 

[Ninja]

I was doubt why so many ppl send me PDFs last days.

 

[Br33k]

VasiliyPupkin, http://thehackernews.com/2012/11/ad...nerability.html#sthash.shM4iymW.An3zshVF.dpbs

 

[KUB]

Is this new? Post source please.

The particular exploit is available in underground forums for as much as $50,000

 

[sinatra]

PDF exploit is not new news!

 

[xmaster]

боян трех летней давности

 

[eggdrop]

i guess they use something similar with
http://www.exploit-db.com/exploits/22464/


but still don't think is 50k

 

[bobbyazk]

PDF exploit is not new news!

This ripper talks like he knows shit about hacking...lol...
you lucky i have deer, could have made a thread with proof on hw u rip..

and Zero-day vulnerability means New vulnerability without patch yet...lol..
Bitch!

 

[sinatra]

bobbyazk, huh? You are lucky being a deer.. If I was Ninja I would have banned you with an attitude like that.

 

[bobbyazk]

yh yh....maybe Ninja wont rip $70...RIPPER! lol...funny how poor you are...after carding all ur fucking life...

---------- Сообщение добавлено в 11:44 PM ---------- Предыдущее сообщение размещено в 11:41 PM ----------

if i didnt get a new laptop, i could have ruined your Dump Selling Biz....showing everyone proof of your rip...then MR_Redbull might jus Fire your ASS...lol "support of mr_redbull"
and u proud of your poor ass

 

[Ninja]

bobbyazk
Im waiting for you in my icq with proof in a matter of 24hrs

 

[bobbyazk]

paste ur convo with john connell on icq...if you got nothing to hide...

 

[dumpsxp]

oh great news

 

[bobbyazk]

Ninja, ICQ store history on your own computer, so if you change laptop, history is gone....
Jus Ask Sinatra to paste convo here...or

I'm sure you'll see in my PM's that i sent him $70 to do business and that was it....check my PMs Should be there...It was cashout business....

Check you'll see...i dnt have history anymore...I got a new laptop.

 

[Br33k]

Oh.. Guys, it's not 1st exploit for adobe products, but it's rly new. If some1 disagree, plz pm me with _some_ technical detail about this vuln. Btw, i knw much more about that

 

[mrxsailor1]

no exploit sells for 50k you can get a good 0 day for 7k max.

 

[steeky]

no exploit sells for 50k you can get a good 0 day for 7k max.

where?

 

[Ninja]

bobbyazk
Banned for blackmailing.
Remember what calling other person without proofs a ripper will lead you to ban.