Russian Hackers running Cyberspying Campaign

Researchers at the FireEye, announced that they have detected the exploitation of zero-day Flash vulnerabilities and Microsoft Windows flaw in a Russian espionage campaign in order to spy on  American defense contractors, NATO official and others.

The cyber campaign started since April 13. The campaign includes the zero-day flaws as CVE-2015-3043 for Adobe, and CVE-2015-1701 for Microsoft. These malicious flaws are triggered when a victim clicks on a link to a website that is controlled by attackers.

CVE-2015-1701enables an attacker to fetch data from the System process by running code through the kernel. It enables him to modify their stolen system tokens to have the same privileges as the System process.

FireEye announced on April18, “While there is not yet a patch available for the Windows vulnerability, updating Adobe Flash to the latest version will render this in-the-wild exploit innocuous. We have only seen CVE-2015-1701 in use in conjunction with the Adobe Flash exploit for CVE-2015-3043.”

Microsoft is working on a fix for the vulnerability, which does not affect Windows 8 or later.

According to FireEye “Through correlation of technical indicators and command and control infrastructure, FireEye assesses that APT28 is probably responsible for this activity.”

According to security firm, “skilled” Russian developers and operators can be linked to APT28 through a government sponsor in Moscow. Spear phishing campaigns, which deliver surveillance-based malware payloads to machines, are used to target victims likely to have intelligence useful to the Russian government.

FireEye has given details in its released a report in October, about the activities of APT28, a Russian hacking group which has been in operation since 2007. The researchers suspect that the threat actors are likely to focus on targeting US defense and military contractors, NATO officials and others with particular interest to the Kremlin such as the Republic of Georgia and European security firms.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

How to Install Kali Linux on VirtualBox [Windows Host] in 2020

Kali Linux is a Debian based Linux distribution, released on the 13th March 2013 as a complete rebuild of BackTrack Linux. It is one of...

Acunetix v13 Release Introduces Groundbreaking Innovations

The newest release of the Acunetix Web Vulnerability Scanner further improves performance and premieres best-of-breed technologies London, United Kingdom – February 5, 2019 – Acunetix,...

What is Ethical Hacking, how to be an Ethical Hacker

Hacking is the process of discovering vulnerabilities in a system and using these found vulnerabilities by gaining unauthorized access into the system to perform...

Basic steps to ensure security Online!

Security concerns are growing day by day due to the growing interconnectivity and technology. Drastic things can happen if you be a little careless...