Apr 19, 2015
Hackers linked to the Russian government used previously unknown flaws in Microsoft Corp.’s Windows and Adobe Systems Inc.’s Flash to try to infiltrate discussions on sanctions policy, a person familiar with the attack said.
The spying scheme was detected on April 13 by U.S. cybersecurity firm FireEye Inc. and targeted an agency of an overseas government that was in discussions with the U.S. about sanctions policy. The attack was halted before the group extracted any data, the company said in a blog post Saturday.
The hacking group, which FireEye calls Advanced Persistent Threat 28, or APT28, is known for advanced cyber-attacks and its use of malware known as Sofacy. In this case, it took the unusual step of using two so-called zero-day exploits to try to infiltrate the computer systems of its victim in a highly sophisticated attack, FireEye said.
“While there is not yet a patch available for the Windows vulnerability, updating Adobe Flash to the latest version will render this in-the-wild exploit innocuous,” FireEye said in a blog post.
Adobe has created a fix for the vulnerability while Microsoft is working on a patch, FireEye said. The flaw does not apply to Windows 8 and later versions.