Cybercriminals are leveraging a recently patched critical Adobe Flash Player vulnerability in a massive spam campaign targeting unpatched computers.
According to the research firm Morphisec, cybercriminals are blasting spam messages that urge recipients to click a link to download a Word document. And when a victim opens the document and enables macros, malware attempts to exploit an Adobe Flash Player bug (CVE-2018-4878) patched by Adobe earlier this month. Victims who fall for the ploy could ultimately hand over control of their systems to an attacker, according to researchers.
Adobe classified the bug as critical, describing it as a use-after-free vulnerability impacting its Adobe Flash Player running on Windows 10, macOS, Linux and Chrome OS systems. The flaw was originally found by the South Korean Computer Emergency Response Team on Jan. 31 and identified as a Flash SWF file embedded in Microsoft Word and Excel documents.
...
The campaign tracked by Morphisec was “just a few hours long” and targeted inboxes in the U.S. and Europe. “The documents were downloaded from the safe-storge[.]biz domain and went almost entirely undetected with a 1/67 detection ratio,” according to Gorelik.
...