Adobe Flash 0day: North Korea behind the exploit being released

Last week, South Korea's CERT recognized a exploit on 28.0.0.137 (and all previous versions of course) that could allow remote code execution on Windows, macOS, Linux and Chrome OS.Adobe Flash

Adobe immediately announced in a security bulletin that it would fix the vulnerability in the version scheduled for release this week. … On time, only how exploit is released…

The Cisco's Talos division stated that the payload contained in an Excel was ROKRAT and refers to Group 123.

"Group 123 has joined some hacking elites in this latest ROKRAT payload.
"They used an Adobe Flash Zero Day that was beyond their previous capabilities - they used exploits in previous campaigns but never had a completely new exploit like they do now," say Talos researchers Warren Mercer and Paul Rascagneres.

"Although in Talos we have no information about victims, we suspect that the victim was a very specific and high-value target. The use of a brand new exploit, which did not exist, shows that they were very determined to succeed in the attack. "

FireEye, on the other hand, said the malware file should come from North Korea, known as TEMP.Reaper.

While Adobe suggests that administrators could use Protected View for Office to protect them, FireEye stressed that it is very likely that we will see more attacks until the vulnerability is repaired.

Last July, Adobe announced it would stop supporting Flash on 2020, with Microsoft claiming to completely remove Flash support from Windows in the same year.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).