A cybercrime article from 2011 named as “Cybercrime: is it out of control?” on the website of Guardian has been found to be serving up the Angler Exploit Kit.
The Angler Exploit Kit is a Web-based utility toolbelt that hackers use to test the defenses of a user’s computer.
The problem was discovered by FireEye Labs on December 01 which noticed that this instance of Angler infection this not come from a tainted ad but visiting the Guardian’s article about cybercrime.
Visiting the page would execute an embedded script to redirect the reader’s browser to an Angler Exploit Kit landing page.
This particular vulnerability enables a “God Mode” on infected PCs, giving attackers control over every face of the user’s machine.
Angler exploit kit also scans for the Flash-based CVE-2015-5122, CVE-2015-5560, and CVE-2015-7645 vulnerabilities which are less powerful intrusions, compared to the Windows OLE one, but dangerous nevertheless.
These vulnerabilities have been fixed by Microsoft and Adobe, and users who keep their systems up to date have nothing to fear while reading the article on Guardian.
Meanwhile, Guardian has assured to fix the contaminated links on its website.
This news came days after Angler was found serving malvertising to visitors of video site DailyMotion.