Adobe Flash Zero Day Exploit Used In Pawn Storm Attacks Infiltrates Government Agencies

The security gurus at Trend Micro believe that the cyber attackers behind Pawn Storm are performing their dirty deeds by way of a new zero-day vulnerability in none other than Adobe's Flash platform. Shocking that Flash is at the root of it all, isn't it? This is where we all feign surprise, sarcastically of course.

In case you're not familiar, Pawn Storm is the name of a cyber espionage campaign that's had high-profile targets in its sights. Trend Micro also says that Pawn Storm represents the first use of a Java zero-day that it's seen in the last couple of years, with the affected vulnerability assigned the CVE number CVE-2015-7645.

It's essentially another phishing campaign. Emails containing malicious links are sent out to targets in hopes that they'll click on them. To encourage potential victims to do that, the emails and URLs appear to lead to current events with email subjects like "Suicide car bomb targets NATO troop convoy Kabul" and "Russia warns of response to reported U.S. nuke buildup in Turkey, Europe."

Trend Micro says the URLs hosting the new zero-day exploit in Flash are similar to the URLs that were associated with attacks targeting NATO members and the White House earlier this year. In this case, the Flash zero-day exploit affects Adobe Flash Player versions 19.0.0.185 and 19.0.0.207, and potentially other versions as well.

The security outfit has notified Adobe of the exploit and is working with the firm to patch it up.