The Russian hacker group Pawn Storm is using a vulnerability in Adobe Flash Player to install malware on computers belonging to several “foreign ministries,” Trend Micro researchers reported Tuesday.
Pawn Storm “is the most significant cyber-espionage threat to the U.S. government and her NATO partners,” Trend Micro’s chief cybersecurity officer, Tom Kellermann, said in an email to The Daily Caller News Foundation. The exploit contains similarities to that which occurred on the White House just months ago, researchers found. That particular score allegedly resulted in a trove of Obama’s “unclassified” emails. (RELATED: Pentagon Computers Were Hacked Again)
Adobe sent out a security advisory bulletin Wednesday warning of a “critical vulnerability” in a recent edition of Adobe Flash Player that affected Windows, Linux, and Macintosh platforms. If hackers successfully exploit the program, the bulletin warned they could cause a “crash and potentially allow an attacker to take control of the affected system.”
To breach a target’s security, the hackers would send spear phishing-emails that appeared to be legitimate, including links apparently leading to information about geopolitical events. (RELATED: Russia-Based Hackers Attempted To Hack Clinton Email Server)
Those attacks were on foreign officials, but Trend Micro notes the URLs used are similar to those used in April attacks on the North Atlantic Treaty Organization and the White House.
Adobe is expected to release a fix for the vulnerability next week.
Pawn Storm tends to favor this type of “elegant” spear-phishing attack, Kellermann told TheDCNF, which is uniquely deliberate. Russian cyber hackers are “very selective” in who they target, he said. “So far, hundreds have been impacted.”
Kellermann identified civilian government agencies, the Department of Defense and NATO as three potentially high value targets if Russian hackers want to target the U.S.
Spear phishing is a targeted email that appears to be from an individual or business that seems familiar, but is actually from someone attempting to gain unauthorized access to your computer. They might be personalized, or reference a mutual friend or recent online purchase you’ve made.
“Suicide car bomb targets NATO troop convoy Kabul,” one line of the lines hackers used in the more recent Adobe attacks read. “Syrian troops make gains as Putin defends air strikes,” read another. If the foreign official opened the email and clicked on the link, the Flash Player vulnerability would allow the hacker to takeover the system.
Follow Steve Ambrose on Twitter
Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact licensing@dailycallernewsfoundation.org.
All content created by the Daily Caller News Foundation, an independent and nonpartisan newswire service, is available without charge to any legitimate news publisher that can provide a large audience. All republished articles must include our logo, our reporter’s byline and their DCNF affiliation. For any questions about our guidelines or partnering with us, please contact licensing@dailycallernewsfoundation.org.