The flaws are still unpatched, security firm says

Oct 14, 2015 08:07 GMT
Flash Player zero-days are reportedly being used to compromise government computers

Security firm Trend Micro warns that attackers involved in Operation Pawn Storm are currently using unpatched Adobe Flash Player zero-day flaws to target several Ministries of Foreign Affairs as part of a broader campaign that's believed to be linked to the Russian government.

Pawn Storm is a massive cyber-espionage campaign that relies mostly on zero-days to launch attacks against several high-profile targets, including overseas government departments and ministries, as well as the North Atlantic Treaty Organization (NATO) and the White House.

This time, attackers are using security holes in Flash Player to launch similar attacks, Trend Micro says, sending members of Ministries of Foreign Affairs links to websites hosting malicious code that exploits the vulnerabilities.

Emails containing fake headlines on the following topics are said to be used in the campaign:

“Suicide car bomb targets NATO troop convoy Kabul”
“Syrian troops make gains as Putin defends air strikes”
“Israel launches airstrikes on targets in Gaza”
“Russia warns of response to reported US nuke buildup in Turkey, Europe”
“US military reports 75 US-trained rebels return Syria”

While this is not yet confirmed, the hackers involved in both the old and new attacks are said to be linked to the Russian government, and judging by the organizations they targeted, this makes sense.

Zero-days still unpatched by Adobe

What's worse is that although Adobe has already released a new version of Flash Player that is supposed to fix a number of security vulnerabilities, the zero-days used in this new campaign are said to remain unpatched, which means that the only way to stay secure for the moment is to avoid clicking links that come from unknown sources.

The vulnerable Adobe Flash Player versions are 19.0.0.185 and 19.0.0.207, according to Trend Micro, with the latter released by the company yesterday as part of its monthly patching cycle.

Adobe is already aware of the zero-day, the security firm says, so expect an out-of-band patch anytime soon.