Hackers are manipulating a previously unidentified vulnerability patched in Adobe’s Flash Player. Due to the vulnerability (which was said to be patched in past) attackers can secretly install malware on consumers’ systems, security experts warned on Tuesday. Hacks used to take complete control on consumers’ systems when they surf booby-trapped websites.
The weakness had been previously utilized by Pawn Storm in hacking against different governments, according to Trend Micro. Security Firm’s researchers reckon the zero-day works on 220.127.116.11 and 18.104.22.168 versions, the end meaning the weakness is present in the latest version of the Adobe Flash Player.
Trend’s researchers published an article saying that the Pawn Storm currently uses a zero-day – unidentified—vulnerability of Adobe Flash. Pawn Storm has hacked many governments recently and has also attacked journalists and politicians. Microsoft devices, iOS games, and iOS users were under attack of Pawn Storm. In some cases, it was tied to the government of Russia as it was utilized to spy on military members and officials of Western media, as per Trend Micro’s report.
As a consequence, the news has headed to renewed appeals for consumers to delete Flash.
How to patch flash 0-day:
1) Uninstall flash
2) You don't need flash
3) Stop installing flash
— MalwareTech (@MalwareTechBlog) October 13, 2015
The vulnerability is in its early stage; no further technical information are available. The experts wrote:
In this most recent campaign of Pawn Storm, several Ministries of Foreign Affairs received spear phishing e-mails. These contain links to sites that supposedly contain information about current events, but in reality, these URLs hosted the exploit. In this wave of attacks, the emails were about the following topics: “Suicide car bomb targets NATO troop convoy Kabul” “Syrian troops make gains as Putin defends air strikes” “Israel launches airstrikes on targets in Gaza” “Russia warns of response to reported US nuke buildup in Turkey, Europe” “US military reports 75 US-trained rebels return Syria” It’s worth noting that the URLs hosting the new Flash zero-day exploit are similar to the URLs seen in attacks that targeted North Atlantic Treaty Organization (NATO) members and the White House in April this year.
The spokesperson from Adobe stated that, the experts received a proof of vulnerability on Tuesday, and they are investigating the exploit. If confirmed, the company is expected to issue an urgent patch to the vulnerable versions.
Many internet browsers by default run a mechanism that restricts Flash-based material for every website visited unless apparently allowed by the user. Or the best way is to delete the Flash altogether.