If you get this 'phishy' looking email from Adobe, don't open it
The campaign was uncovered by Volexity founder Steven Adair and reportedly uses one of the vulnerabilities revealed in the June 6 Hacking Team leaks.
The Hacking Team leak occurred over the weekend when hackers successfully stole and posted online over 400GB of the surveillance software company's data. The data included the source code for Hacking Team's spy tools and the details of the vulnerabilities they exploit.
The attacks use a "spear phishing" strategy to infect their victims. "Spear phishing" is a type of cyber attack in which hackers attempt to dupe victims into installing malware by sending malware-ridden emails that are made to look like legitimate messages from respectable sources.
"The attackers launched spoofed email messages purporting to be from Adobe. The email messages reference an Adobe Flash update and encourage the recipients to click a link to download and install the update," Adair explained in a threat advisory.
If clicked, the link in the email installs data-stealing malware on the victim's machine using the Flash flaw.
The Flash flaw mentioned in Volexity's advisory is one of the most dangerous vulnerabilities to come out of the Hacking Team leaks and was targeted by common cyber criminals mere moments after being published online.
The new attacks are believed to stem from a well-known Advanced Persistent Threat (APT) group known as Wekby. APT is a term used in the security community to refer to particularly advanced and dangerous hacker cartels.
The Wekby group became famous in 2014 when it was linked to high-profile targeted attacks against health care organisations such as Community Health Systems. The attacks are believed to have compromised 4.5 million patients' Social Security numbers and personal data.
The new campaign is less sophisticated than Wekby's past efforts and reportedly uses the same fake avangils@adobe.com email address in all its attacks, meaning the messages are fairly easy to spot. Adobe has also released a patch update for the Flash flaw being targeted, meaning users running up-to-date software should be safe.
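For mail administrators, the traits described above (the reused sender address, a message claiming to come from Adobe, and a Flash update link) can be turned into a simple triage check. This is an added example, not code from Volexity's advisory or from this article. The `Authentication-Results` handling, the genuine-looking `news@adobe.com` sender and every host in the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

REPORTED_SENDER = "avangils@adobe.com"   # sender address given in the article
CLAIMED_DOMAIN = "adobe.com"
LURE = re.compile(r"flash\b.*\bupdate|update\b.*\bflash", re.I | re.S)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

def off_domain_links(body, domain=CLAIMED_DOMAIN):
    """Hosts of links that are neither `domain` nor one of its subdomains."""
    hosts = []
    for url in URL.findall(body):
        host = (urlparse(url).hostname or "").lower()
        if host != domain and not host.endswith("." + domain):
            hosts.append(host)
    return hosts

def triage(raw):
    """Return the reasons a raw RFC 5322 message matches the reported pattern."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    body = "\n".join((p.get_payload(decode=True) or b"").decode("utf-8", "replace")
                     for p in msg.walk() if not p.is_multipart())
    reasons = []
    if sender == REPORTED_SENDER:
        reasons.append("reported-sender")
    if sender.endswith("@" + CLAIMED_DOMAIN):
        # Assumption: the receiving gateway stamps Authentication-Results
        # and strips any copy supplied by the sender.
        auth = msg.get("Authentication-Results", "").lower()
        if "spf=pass" not in auth and "dkim=pass" not in auth:
            reasons.append("unauthenticated-adobe-sender")
        hosts = off_domain_links(body)
        if hosts and LURE.search(msg.get("Subject", "") + "\n" + body):
            reasons.append("flash-update-link-off-domain:" + ",".join(hosts))
    return reasons

# Constructed sample messages (senders' hosts and recipients are placeholders).
SPOOFED = ("From: Adobe <avangils@adobe.com>\nTo: user@example.org\n"
           "Subject: Adobe Flash Player update available\n"
           "Authentication-Results: mx.example.org; spf=fail\n\n"
           "Install the update: http://download.flash-update.invalid/install\n")
GENUINE = ("From: Adobe <news@adobe.com>\nTo: user@example.org\n"
           "Subject: Flash Player update\n"
           "Authentication-Results: mx.example.org; spf=pass; dkim=pass\n\n"
           "Details: https://get.adobe.com/flashplayer/\n")

if __name__ == "__main__":
    for name, raw in (("SPOOFED", SPOOFED), ("GENUINE", GENUINE)):
        print(name, triage(raw))
```

The exact-address match only catches this campaign as reported; the authentication and link-host checks are the parts that still apply if the sender address changes.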
The Hacking Team zero-day is one of many Flash flaws uncovered in recent weeks.
In June, researchers at FireEye uncovered a separate Flash vulnerability being used by the "Clandestine Wolf" group of hackers to attack businesses in the aerospace, defence, construction, technology, and telecoms industries.
Flash's hacker woes are believed to stem from the fact that Adobe didn't design it with security in mind. The firm exacerbated these problems and created more undocumented holes in Flash's defences by stretching it to run on as many operating systems, devices and browsers as possible.