Trend Micro finds Flash exploit utilized by Russian hackers in Pawn Storm attacks

An exploit targeting recent versions of Adobe Flash Player has been linked to cyber-attacks carried out by Russian hacker group Pawn Storm.

The group has become infamous for its high-profile attacks on targets like the German Parliament and French television network TV5Monde. It is now targeting a global array of foreign affairs ministries, according to a report from Trend Micro's security intelligence blog.

Pawn Storm is using methodology similar to that employed in cyber-attacks against the White House and NATO earlier in the year. The technique is known as spear phishing, which differs from standard phishing practices in that it targets specific individuals rather than broad swathes of users.

Emails with subject headings like ‘Syrian troops make gains as Putin defends air strikes’ and ‘Israel launches airstrikes on targets in Gaza’ were sent to targets, with links that purportedly led to more information. These URLs in fact led to pages hosting the Flash Player exploit.

It’s also thought that the group set up fake Outlook Web Access servers for several ministries that were targeted, which led to some credentials being stolen. Trend Micro suggests that one ministry found that its DNS settings for incoming email had been compromised as a result.

It’s worrying to see that a hacker group like Pawn Storm — also referred to as the Sofacy group and APT28 — is able to target ministries around the world with such success. However, it’s not surprising to see the organization’s reach, given the broadly held belief that the outfit maintains strong ties with the Russian government.

Trend Micro has shared its findings with Adobe, and at present the two companies are working on a fix for the vulnerability and on ensuring that similar breaches don’t happen again in the future.
