Adobe Warns Users About Hacking

Zero-day vulnerability discovered by Kaspersky Lab.

Adobe’s Flash Player has been the go-to multimedia choice for years, but a new announcement from the company could spur users into exploring their other options. The company has announced that a vulnerability in the program could allow hackers to exploit a hole and work their way in.

Kaspersky Lab first discovered the zero-day vulnerability already in use “in the wild” by hacking group BlackOasis, and says the exploit is being used to install FinSpy or FinFisher, a known commercially-available law enforcement surveillance tool, on a variety of global targets. The workaround is getting the victims’ computer connected to command-and-control servers in Switzerland, Bulgaria, and the Netherlands then installing FinSpy.

BlackOasis APT targeted attacks leveraging zero-day exploit.

Third time’s a charm

Anton Ivanov discovered the zero-day, the third of its kind this year that leads to installation of FinSpy. Kaspersky Lab has worked closely with Adobe to clarify the exploit, leading the company to issue a patch for three different affected browser systems that run Flash: Chrome, Edge, and Internet Explorer. Both companies recommend installing the patch immediately, as this vulnerability is still active.

Watching closely

Kaspersky Lab has been paying close attention to BlackOasis’ work for quite some time. In a report on this recent finding, the company stated, “BlackOasis’ interests span a wide gamut of figures involved in Middle Eastern politics and verticals disproportionately relevant to the region. This includes prominent figures in the United Nations, opposition bloggers and activists, and regional news correspondents.

“During 2016, we observed a heavy interest in Angola, exemplified by lure documents indicating targets with suspected ties to oil, money laundering, and other illicit activities. There is also an interest in international activists and think tanks. Victims of BlackOasis have been observed in the following countries: Russia, Iraq, Afghanistan, Nigeria, Libya, Jordan, Tunisia, Saudi Arabia, Iran, Netherlands, Bahrain, United Kingdom and Angola.”

Information on Adobe’s patch for this flaw can be found by clicking here, along with the downloads for different browsers.