Just as day follows night, and just as UbiSoft thinks up new and amazing game elements to strip away and charge microtransactions for, another zero-day exploit has been discovered for Adobe Flash. But this isn’t any old zero-day exploit, it’s an exploit found in the fully patched version of Flash.
The vulnerability, discovered by Trend Micro yesterday, allows attackers to secretly install malware on computers that carry Flash versions 184.108.40.206 and 220.127.116.11, and possibly earlier versions, too. Attacks exploiting the vulnerability have so far only targeted government agencies, undertaken as part of cyber-espionage initiative Operation Pawn Storm. The researchers from Trend Micro wrote:
In this most recent campaign of Pawn Storm, several Ministries of Foreign Affairs received spear phishing e-mails. These contain links to sites that supposedly contain information about current events, but in reality, these URLs hosted the exploit. In this wave of attacks, the emails were about the following topics:
“Suicide car bomb targets NATO troop convoy Kabul”
“Syrian troops make gains as Putin defends air strikes”
“Israel launches airstrikes on targets in Gaza”
“Russia warns of response to reported US nuke buildup in Turkey, Europe”
“US military reports 75 US-trained rebels return Syria”
It’s worth noting that the URLs hosting the new Flash zero-day exploit are similar to the URLs seen in attacks that targeted North Atlantic Treaty Organization (NATO) members and the White House in April this year.
Operation Pawn Storm has hit a number of foreign agencies over the last few months, including politicians and journalists in Russia and iOS devices used by Western governments and news outlets.
Oh, and don’t use Flash.
Thank you Ars Technica for providing us with this information.
Image courtesy of Wikimedia.