Published: August 7th, 2013

Remember those vulnerabilities you patched up last year? You have more than likely forgotten about them since they have been dealt with. But hackers haven’t, and they are now exploiting them, according to the latest study conducted by network security vendor Fortinet.

Solution providers who have patched up Ruby on Rails, Java, Adobe Acrobat and Apache can no longer rest on their laurels. The FortiGuard report has found that hackers are still exploiting those old holes.

Last January, for example, a critical vulnerability in the Ruby on Rails Framework could enable a remote hacker to execute code on the underlying Web server. Ruby on Rails is a Web app framework for the Ruby programming language. Ruby makes Web 2.0 Web sites easily deployable.

FortiGuard Labs’ chief strategist Richard Henderson said the exploit involved a flaw in the XML processor deserialization routine, which is used to create Ruby objects on the fly. Ruby on Rails was patched to correct the flaw, but four months later it was discovered that a hacker or a group of hackers had started searching for unpatched Web servers in order to infect them with software.

The same occurred with Java’s zero-day hole also in January and Acrobat in February.

FortiGuard Labs observed a 30 per cent increase in mobile malware in the last six months. The Fortinet security technicians are now seeing more than 1,300 new samples per day and have been tracking approximately 300 new Android malware families, leading to more than 250,000 unique malicious Android samples.

At the heart of the problem is the Bring Your Own Device (BYOD) trend. The study found that many businesses are lax in their BYOD company policy and the threat of mobile malware infecting the user’s device and business network has gone up.

Axelle Apvrille, senior mobile anti-virus researcher at FortiGuard Labs, said that three years ago mobile malware wasn’t much of a concern for users or businesses since most of the smartphone malware at the time was centred on the annoying Cabir virus. But now, as mobile devices have proliferated, cyber-criminals are capitalizing on the growing user base.

In 2013, the mobile threat landscape has changed since the Symbian OS days of early 2009. Wide-scale manufacturer adoption of Google’s Android OS globally has led to an explosion of smartphones in the marketplace. Now there is the threat of ransomware. Henderson said that ransomware has been incredibly successful financially for cyber-criminals.

“The Fake Defender malware for Android follows the same M.O. as PC fake anti-virus software – it pretends to be altruistic, but in reality, it lies in wait to launch its true form. This malware then locks the victim’s phone and demands payment before unlocking the device. Once the phone is locked, the victim can either pay the ransom or completely erase their device, losing all their photos and data unless they have a full back-up elsewhere,” Henderson said.
