Adobe is rushing to patch another zero-day vulnerability in the latest version of Flash Player which allows attackers to create backdoors by targeting advertising platforms.
Trend Micro discovered the flaw which uses the Angler Exploit Kit in automatic pop-up adverts found on popular sites such as Dailymotion.
The so-called 'malvertising' tricks internet users into clicking on an infected advert that sets off a chain of windows, eventually directing browsers to a URL where the exploit is hosted.
The malware then automatically downloads onto a victim's machine, creating a backdoor for hackers to install other malware or steal credentials such as credit card details.
"We've seen around 3,294 hits related to the exploit and, with an attack already seen in the wild, it's likely there are other attacks leveraging this zero-day, posing a great risk of compromise to unprotected systems," he wrote.
Adobe's threat advisory said that the company will release a patch in the next seven days to plug infected versions of the Flash Player.
"A critical vulnerability (CVE-2015-0313) exists in Adobe Flash Player 184.108.40.2066 and earlier versions for Windows and Macintosh. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system," read the advisory.
The exploit also affects Adobe Flash Player 220.127.116.114 and earlier 13.x versions, and Adobe Flash Player 18.104.22.1680 and earlier versions for Linux.
Trend Micro recommends disabling Flash Player until a patch is rolled out.
Bharat Mistry, cyber security consultant at Trend Micro, told V3 that it is difficult to determine the danger of the exploit owing to the different motives of hackers and the varied threats the exploit could pose.
"It really depends on how [a hacker] uses the exploit. Once that backdoor is opened, it's down to the attacker to decide what they actually do with it," he explained.
"In most cases it could be that they are just after credentials. If it's a consumer, they'll probably be after banking details, or they might just sit in the background doing nothing.
"But if it lands on a corporate machine, it can be possibly used to do more damage. It could be intellectual property theft, it could be sabotage depending on where [the hackers] have landed and what they are trying to do.
"But from our initial research it looks like only the US has been targeted at the moment."
Mistry added that, while it is difficult to say at the moment, the origin of the threat is mostly likely the Far East where "the majority of these exploits come from at the moment".
The latest Flash Player exploit follows another found on 26 January which forced Adobe to issue a zero-day emergency fix.
IBM software case reminiscent of TSMC trade secrets theft claim
iPhone 8 specs, release date, price, features, basically everything! But will it have a curved display?
CISO pay boom as security become a boardroom concern