Menu
Adobe Flash exploit targets security, public policy sites

Adobe Flash exploit targets security, public policy sites

The attackers appear to be gathering broad intelligence about visitors to three websites, FireEye says

Abobe planned to release an emergency update for Flash Player on Thursday, after security vendor FireEye pointed to a zero-day exploit used by attackers to target visitors to websites of three nonprofits, two of which focus on national security and public policy.

The Flash exploit allowed attackers to target users of the websites of the Peterson Institute for International Economics at PIIE.com, the American Research Center in Egypt at ARCE.org and the Smith Richardson Foundation at SFR.org. The exploit can compromise Flash users on Windows XP or those with Windows 7 who have Java 1.6 or an outdated version of Microsoft Office 2007 or 2010 installed, FireEye said.

The attacks came by remote code injection, with visitors to the affected websites redirected to a server hosting the exploit through a hidden iframe, FireEye said. Representatives of the three websites didn't immediately respond to requests for comments on the attacks.

"We believe the group behind this campaign has sufficient resources ... and is committed to their mission of infecting visitors to a particular type of website," the security company said in its release on the exploit. "The threat actors likely sought to infect users to these sites for follow-on data theft, such as information relating to defense and public policy matters."

The attackers appear to be Chinese speakers and may be the same people engaged in a mid-2012 cyber-espionage campaign, FireEye said.

The attacks, dubbed "Operation GreedyWonk" by FireEye, appear to be focusing on "broad intelligence gathering efforts," Darien Kindlund, threat intelligence manager at FireEye, said via email. "Based on the websites compromised and the typical visitors to those websites, it seems they are currently focused on intel related to foreign and economic policy activities, at this time."

Adobe Thursday released a security bulletin for Flash Player 12.0.0.44 and earlier versions of the software for Windows and Macintosh, and Flash 11.2.202.336 and earlier versions for Linux. One of the patches is likely related to the exploit discovered by FireEye.

Windows users attempting to avoid the attack should consider upgrading from XP to a newer version of the operating system, updating Java, or updating their Office software, Kindlund said. They should also update Flash as soon as a fix is available, he said.

"Even with patching the OS and applications, the attacker could find another way to trigger the Flash vulnerability outside of the browser/apps listed," he said. "As such, the mitigations outlined in the blog are effective at countering the threat at a tactical level, but addressing the Flash vulnerability is still required, as the attacker could change tactics in their next wave of attacks."

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is grant_gross@idg.com.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags MicrosoftinternetFireEyeExploits / vulnerabilitiesDarien KindlundAbobe

Featured

Slideshows

Reseller News kicks off awards season in 2019 with Judges' Lunch

Reseller News kicks off awards season in 2019 with Judges' Lunch

The 2019 Reseller News Innovation Awards has kicked off with the Judges Lunch in Auckland with 70 judges in the voting panel. The awards will reflect the changing dynamics of the channel, recognising excellence across customer value and innovation - spanning start-ups, partners, distributors and vendors. Photos by Christine Wong.

Reseller News kicks off awards season in 2019 with Judges' Lunch
Reseller News welcomes industry figures for 2019 Hall of Fame lunch

Reseller News welcomes industry figures for 2019 Hall of Fame lunch

Reseller News welcomed 2018 inductees - Chris Simpson, Kendra Ross and Phill Patton - to the third running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing landscape of the technology industry in New Zealand, while outlining ways to attract a new breed of players to the ecosystem. Photos by Gino Demeer.

Reseller News welcomes industry figures for 2019 Hall of Fame lunch
Upcoming tech talent share insights at inaugural Emerging Leaders Forum 2019

Upcoming tech talent share insights at inaugural Emerging Leaders Forum 2019

The channel came together for the inaugural Reseller News Emerging Leaders Forum in New Zealand, created to provide a program that identifies, educates and showcases the upcoming talent of the ICT industry. Hosted as a half day event, attendees heard from industry champions as keynoters and panelists talked about future opportunities and leadership paths and joined mentoring sessions with members of the ICT industry Hall of Fame. The forum concluded with 30 Under 30 Tech Awards across areas of Sales, Entrepreneur, Marketing, Management, Technical and Human Resources. Photos by Gino Demeer.

Upcoming tech talent share insights at inaugural Emerging Leaders Forum 2019
Show Comments