
Alleged Russian Government Hackers' Attack Linked to Using Adobe Flash Player Zero-Day Threat

Posted: October 16, 2015

Security firm Trend Micro is warning that the hackers behind an attack dubbed Operation Pawn Storm are using unpatched Adobe Flash zero-day flaws to target several Ministries of Foreign Affairs as part of a broader campaign allegedly linked to the Russian government.

On several occasions, we have reported situations where cyber-espionage campaigns would piggyback on other threats to target high-profile entities. In the case of Operation Pawn Storm, overseas government departments and ministries, including the White House and NATO (North Atlantic Treaty Organization), were targeted in an attack that exploited holes in Flash Player. These attacks thrive on the gaping holes in the security infrastructure of those using Adobe Flash Player, which is well known for its recurring vulnerabilities.

Emails containing fake headlines have been discovered in use in the Operation Pawn Storm campaign, pointing to the idea that the hackers responsible are from the Russian government. Many of the fake headlines in the emails hint at an intent to stir up serious controversy among adversaries.

The campaign emails containing the fake headlines used the following topics:

  • "Israel launches airstrikes on targets in Gaza"
  • "Russia warns of response to reported US nuke buildup in Turkey, Europe"
  • "Suicide car bomb targets NATO troop convoy Kabul"
  • "Syrian troops make gains as Putin defends air strikes"
  • "US military reports 75 US-trained rebels return Syria"

It doesn't take an expert in the field of world studies and foreign affairs to realize that the above subject lines used in the campaign emails were purposely crafted to cause some serious controversy.

Although it has not been confirmed with 100% certainty that the hackers behind Operation Pawn Storm are from the Russian government, the organizations they have targeted lend strong support to that original suspicion.

When it comes to Adobe and its vulnerable products, there are some serious issues that hackers like those behind Operation Pawn Storm can exploit to target large organizations. What is even worse is that Adobe's slow response to zero-day flaws allows hackers to continue their attack efforts. Case in point: Adobe has yet to fix the flaw in the latest version of Flash Player that is used in the new zero-day campaign, which could seriously stir up a mess with Russia and both its allies and adversaries.

Adobe is currently aware of the zero-day flaw and says a patch is on the way and due out soon. For now, let's just hope that peace remains until the responsible hackers no longer have a vast platform to attack.
