Multiple Malware, One Exploit: How HTML_SHELLCOD.SM Operates
Exploitable vulnerabilities in commercial software are inevitable.
The reasons for this are innumerable and may range from faulty code to operational conflicts with other commercial software. Vulnerabilities, especially zero-day vulnerabilities, are particularly dangerous due to the potential havoc they can wreak upon unsuspecting, unprotected users. These allow cybercriminals to send commands to an infected system, pushing it to perform unauthorized actions.
It then follows that eagle-eyed cybercriminals looking to further their malicious money-making machinations will seek to exploit all of the vulnerabilities present in the most efficient way possible.
HTML_SHELLCOD.SM, a recently discovered malware that took advantage of a certain vulnerability in Internet Explorer (IE), is a prime example of this in motion. We detect all files targeting this IE vulnerability as HTML_SHELLCOD.SM. It exemplifies how a single vulnerability can be exploited to run devastating malware payloads on a system or network, including payloads that steal sensitive and confidential information.
How does this threat attack users?