The Adobe Flash Player has a serious bug that has been exploited to steal files from computers.
The earlier unknown. It affects both the current version of the Adobe Flash Player (126.96.36.199), along with earlier versions.
On Thursday, Adobe Systems issued a security advisory that users. “
One security researcher has claimed that North Korea hackers were behind the attacks. Simon Choi, a director at the security firm Hauri, tweeted that the assaults occurred in mid-November, and were targeting South Koreans who were conducting research on North Korea.
Flash 0day vulnerability 2017. They attacked South Koreans who mainly do research on North Korea. (no patch yet) pic.twitter.com/bbjg1CKmHh– Simon Choi (@issuemakerslab) February 1, 2018
On Friday, Cisco's Talos security group corroborated some of those findings. To deliver the attacks, the hackers have been using Microsoft Excel documents, which have been rigged to exploit the vulnerability. Once the document is opened, a Flash application embedded inside will exploit the vulnerability to the hacking group Talos calls “Group 123, “which has been harassing the South Korean targets with phishing emails. In the past, the hackers have used the remote administration tool to lift documents from infected computers, take screenshots and steal passwords from browsers.
Cisco Talos after a “high value target.”
“Utilizing a brand new exploit, not seen in the wild, displays they were very determined to ensure their attack worked,” Cisco Talos said.
South Korea's computer emergency response team KrCERT / CC initially reported the flaw to Adobe, which plans on patching the vulnerability next week. In the meantime, you can choose to disable the Flash Player, which can be done by changing the settings of your internet browser.http://platform.twitter.com/widgets.js