APT organization PawnStorm take advantage of the latest Flash zero-day attack States, the Ministry of Foreign Affairs-vulnerability warning-the black bar safety net

ID MYHACK58:62201567994
Type myhack58
Reporter 佚名
Modified 2015-10-18T00:00:00


Recently, Trend Micro researchers discovered a new Flash vulnerability being PawnStorm cyber espionage operations use around the world the Ministry of Foreign Affairs to expand the attack. The Ministry of Foreign Affairs to attack the target PawnStorm is one of both depth and breadth of persistent cyber-espionage operations. In 2 0 1 4 years 1 0 months, Trend Micro experts found that the tissue from the 2 0 0 7 years start that specifically for some well-known institutions and individuals, government agencies or media celebrities, etc. to expand the attack. In recent years, States the Ministry of Foreign Affairs is to become PawnStorm locked targets. PawnStorm the use of this Flash zero-day vulnerability affects mainly AdobeFlash Player 19.0.0. 1 8 5 and 1 9. 0. 0. 2 0 7 The two versions, and other not listed version is also likely to be vulnerable to attack, Trend Micro experts explained. The PawnStorm initiate the attack, mainly based on social engineering and phishing e-mail Spear-phishingemail by the global attention of the international events themed to attract the recipient to open the mail. Trend Micro researchers found that most of the mail will have the following theme: NATO troops a suicide car bomb attack in Kabul The Syrian army in Putin's air RAID in progress Israel in Gaza air strikes The Syrian army in Putin's air strikes under cover to advance Russia warned the United States in Turkey, Europe to improve nuclear behaviour to respond U.S. military reports 7 5 The U.S. military to train the rebels return to Syria ! Trend Micro: the problem being addressed. Experts note that the Flash zero-day attacks URL address with the April attack NATO and the United States the White House government agencies such as the action URL address of similar. “The Ministry of Foreign Affairs to become overwhelmed by PawnStorm targets. In addition to malicious attacks, fake Outlook Web Access OWA server is also provided in each of the ministries. Through a phishing attack can be simple and effective to achieve invasion, a Ministry of Foreign Affairs by receiving the mail settings would leak its DNS.” This means that the PawnStorm organization has on the body of the email for a long time of interception, interception. Trend Micro has notified Adobe of the zero-day problem, and is currently working with them to resolve security issues.