Russian Hacker Group APT28 Used Unpatched Adobe, Windows Exploits To Infiltrate US Government Networks

According to US-based security research firm FireEye, a Russian group it dubs APT28 is responsible for attacking a number of different government agency computers through exploitation of previously unknown vulnerabilities in Adobe Flash and Microsoft Windows.

To exploit a vulnerable system, the attackers took advantage of a buffer overflow in Flash, using malformed FLV files to gain remote code execution. On the Windows side, the core issue is a local escalation-of-privilege flaw, which isn't critical by itself but becomes so when paired with the Flash vulnerability.

Adobe Flash Update

As of the time of writing, Microsoft still hasn't patched its OS issue (a fix is in the works), but a patch for the Flash flaw, tracked as CVE-2015-3043, was released last Tuesday, so be sure to update.

According to FireEye, the latest attacks began occurring on April 13, and after poring over all of the information and comparing the attacks to previous ones, it's confident that the Russian APT28 is responsible. Reuters says that with their access, APT28 was able to obtain some documents, but it appears that nothing classified had been taken. It seems that the worst of it is that these attackers now know of President Obama's upcoming travel plans.

So, when is the death of Adobe's Flash supposed to occur again?


Via:  FireEye