by Omri Herscovici & Liran Englender
From our company’s blog (Check Point Software Technologies):
In recent years, exploit-kits have become one of the most common platforms for malware distribution.
One of the exploits coming from Infinity exploit-kit exploits a security vulnerability in Microsoft Silverlight.
Compared to other technologies like Java, PDF, Flash, etc. – Silverlight exploits are less common. Just to get a rough feeling, according to cvedetails.com, from 2010 to 2014, 15 vulnerabilities were reported for Microsoft Silverlight , while Adobe Acrobat Reader had 268 vulnerabilities, Adobe Flash Player had 321 vulnerabilities; Microsoft Internet Explorer had 392 vulnerabilities and Java with at least 358 vulnerabilities. However, Microsoft Silverlight exploits, specifically CVE-2013-0074, are still delivered in active and well known exploit kits.
The blog post, including analysis PDF is availble here:
Infinity EK Payload Decrypter Script: