Login to your account

Username *
Password *
Remember Me

Create an account

Fields marked with an asterisk (*) are required.
Name *
Username *
Password *
Verify password *
Email *
Verify email *
Captcha *
Reload Captcha

Advertisement

×

Message

EU e-Privacy Directive

This website uses cookies to manage authentication, navigation, and other functions. By using our website, you agree that we can place these types of cookies on your device.

You have declined cookies. This decision can be reversed.

Adobe Flash vulnerability exploited by BlackOasis hacking group to plant FinSpy spyware

Written by  Oct 16, 2017

FinSpy, also known as FinFisher, is a commercial malware that is typically sold to nation states and law enforcement agencies for surveillance purposes. BlackOasis, on the other hand, has used it against a wide range of targets across the globe.

"This appears to suggest that FinSpy is now fuelling global intelligence operations, with one country using it against another," Kaspersky said. "Companies developing surveillance software such as FinSpy make this arms race possible. The malware used in the attack is the most recent version of FinSpy, equipped with multiple anti-analysis techniques to make forensic analysis more difficult."

According to Kaspersky's assessment, BlackOasis targets various figures involved in Middle Eastern politics, including key people in the United Nations, opposition bloggers, activists and regional news correspondents.

In 2016, researchers said they observed heavy interest in Angola "exemplified by lure documents indicating targets with suspected ties to oil, money laundering and other activities".

The hacking group has also shown interest in international activists and think tanks, researchers noted. Kaspersky said victims have so far been observed in Russia, Iraq, Afghanistan, Saudi Arabia, Iran, Nigeria, Libya, Jordan, Tunisia, Bahrain, Angola, the United Kingdom and the Netherlands.

Researchers believe that the BlackOasis group also targeted another zero-day exploit – CVE-2017-8759 – in September.

"The attack using the recently discovered zero-day exploit is the third time this year we have seen FinSpy distribution through exploits to zero-day vulnerabilities," Anton Ivanov, lead malware analyst at Kaspersky Lab, said.

"Previously, actors deploying this malware abused critical issues in Microsoft Word and Adobe products. We believe the number of attacks relying on FinSpy software, supported by zero-day exploits such as the one described here, will continue to grow."

Kaspersky notified Adobe of the vulnerability and the company has already issued an advisory and a patch to address the issue that affected Google's Chrome, Microsoft's Edge, Internet Explorer browsers and desktop versions.

The news comes after Adobe announced in July plans to retire its once pivotal Flash plugin by the end of 2020 that has since been replaced by website developers with alternatives such as HTML5 to display video and media.

Adobe's Flash player has suffered from a litany of software bugs in recent years that have been exploited by hackers in the past.

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

Advertisement

  1. Popular
  2. Trending
  3. Comments

Advertisement

Calendar

« July 2017 »
Mon Tue Wed Thu Fri Sat Sun
          1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31            

Tech Bargains