Adobe is rushing to patch another zero-day vulnerability in the latest version of Flash Player which allows attackers to create backdoors by targeting advertising platforms.
Trend Micro discovered the flaw which uses the Angler Exploit Kit in automatic pop-up adverts found on popular sites such as Dailymotion.
The so-called 'malvertising' tricks internet users into clicking on an infected advert that sets off a chain of windows, eventually directing browsers to a URL where the exploit is hosted.
The malware then automatically downloads onto a victim's machine, creating a backdoor for hackers to install other malware or steal credentials such as credit card details.
"We've seen around 3,294 hits related to the exploit and, with an attack already seen in the wild, it's likely there are other attacks leveraging this zero-day, posing a great risk of compromise to unprotected systems," he wrote.
Adobe's threat advisory said that the company will release a patch in the next seven days to plug infected versions of the Flash Player.
"A critical vulnerability (CVE-2015-0313) exists in Adobe Flash Player 22.214.171.1246 and earlier versions for Windows and Macintosh. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system," read the advisory.
The exploit also affects Adobe Flash Player 126.96.36.1994 and earlier 13.x versions, and Adobe Flash Player 188.8.131.520 and earlier versions for Linux.
Trend Micro recommends disabling Flash Player until a patch is rolled out.
Bharat Mistry, cyber security consultant at Trend Micro, told V3 that it is difficult to determine the danger of the exploit owing to the different motives of hackers and the varied threats the exploit could pose.
"It really depends on how [a hacker] uses the exploit. Once that backdoor is opened, it's down to the attacker to decide what they actually do with it," he explained.
"In most cases it could be that they are just after credentials. If it's a consumer, they'll probably be after banking details, or they might just sit in the background doing nothing.
"But if it lands on a corporate machine, it can be possibly used to do more damage. It could be intellectual property theft, it could be sabotage depending on where [the hackers] have landed and what they are trying to do.
"But from our initial research it looks like only the US has been targeted at the moment."
Mistry added that, while it is difficult to say at the moment, the origin of the threat is mostly likely the Far East where "the majority of these exploits come from at the moment".
The latest Flash Player exploit follows another found on 26 January which forced Adobe to issue a zero-day emergency fix.
J1043+2408 was observed for more than 10 years, and its radio light curve exhibited a periodic signal repeating in about 563 days
Success of Unity's test flight means Virgin Galactic is now close to taking its first paying tourist into space
V3 puts the pro-level football GPS tracker through its paces, and asks if it's more than a gimmick
Finding refutes many earlier studies that suggest that galaxies don't have much dark matter at the time of their birth