Sunday, 12 July 2015

Flash Player Leak Attacked Via Email With "Flash Update"

Besides cyber criminals now also create different groups that engage in cyber espionage using the vulnerability in Adobe Flash Player which this week released a patch appeared. It is about the vulnerability where the Italian Hacking Team had.

A hacker who managed to break into the company made 400 GB of data captured and put it online. In the files the Flash Player flaw was found and an exploit that allows its use. The exploit was quickly added to cyber criminals exploit kits and has been included in the Metasploit program. Now reporting anti-virus company ESET and security Volexity which called APT groups use the exploit in targeted attacks. It mainly involves attacks via e-mail.

The attack where Volexity warns consists of an e-mail masquerading as a message from Adobe. In the message, users are encouraged to update Flash Player using the attached link. The link does not point to the Adobe website, but to a page this week patched Flash vulnerability is trying to attack. Is the attack successful, malware is installed on the computer with which the attackers have full access and control over the computer.

Second attack

Also in the case of the attack that ESET is reported using email made ​​to lure victims to a malicious website. The link in the email points to a landing page that collects all sorts of data on the computer. In the event that your computer meets certain requirements, such as language and time zone, the exploit is loaded. Again, concerns the exploits based on the code of the Italian Hacking Team.

If the attack succeeds, then a backdoor installed. The backdoor also uses a different exploit where Hacking Team on disposal and that it is possible for an attacker to increase his rights to Windows. This Windows vulnerability, which can only be attacked if the attacker already has access to the system, no update is available.

No comments:

Post a Comment