A critical flaw in Adobe's Flash player has appeared on the cyber black market
A critical security hole recently found in Adobe Flash, known as a zero-day vulnerability because it was previously undiscovered, is being exploited by cyber criminals after Adobe released a rush fix.
The Adobe Flash plugin vulnerability, known to have been used by the infamous "Clandestine Wolf" hacker group, was originally spotted by researchers at security firm FireEye, who last week detected a number of phishing messages using it to target businesses in the aerospace, defence, construction, technology, and telecoms industries.
The attacks leveraged the Flash flaw to steal data from the victim machines and move laterally through company networks.
While serious, the flaw's scope was originally viewed as quite limited, as it was only being used by the group "Clandestine Wolf" and Adobe released a fix.
Clandestine Wolf, which in the past has been called APT3 and Clandestine Fox, is a hacker group that has targeted numerous government departments and businesses across the world over the last year.
Since then, the Flash flaw's potential for harm has grown as independent security researcher "MalwareDontNeedCoffee" has seen various groups begin targeting it using the Magnitude exploit kit.
"Patched four days ago with Flash 18.0.0.194, the CVE-2015-3113 has been spotted as a zero-day by FireEye, exploited in limited targeted attacks. It's now making its path to Exploit Kits," he wrote in a threat advisory.
Exploit kits are attack tools commonly traded on underground online black markets that let criminals, who may not have strong computer skills, mount cyber attacks.
The rapid addition of the Adobe flaw to exploit kits has caused concern within the security community, with many feeling most businesses will not have had time to install the Adobe fix.
Jérôme Segura, Malwarebytes' senior security researcher, said in a blog post that he expects to see more exploit kits add functionality for the flaw and equally serious Flash bugs to appear in the very near future.
"We can expect other exploit kits to follow suit very soon and start delivering this latest vulnerability," Segura wrote.
"Without a doubt, this is the year of Flash zero-days and many are already suggesting to take drastic measures such as completely uninstalling the plugin."
Flash is commonly viewed as one of the most insecure pieces of software by security professionals and has been targeted by numerous state and criminal hacking groups.
In April, FireEye uncovered another targeted attack campaign, codenamed "RussianDoll", that used Adobe Flash vulnerabilities.
Prior to it, Adobe was forced to patch three zero-day vulnerabilities in January and February, one of which was similarly targeted by the Angler exploit kit.