- Jan 24, 2011
- 9,378
Microsoft has already expressed its frustration with Google’s decision to go public with an unpatched vulnerability in Windows, especially because it is already being exploited in the wild, but it turns out that the on-going attacks are connected to a Russian group known for political hacks.
The Redmond-based software giant explained in an advisory on its website that the recently-discovered Windows vulnerability is currently being used for attacks launched by a group called STRONTIUM, who is also known as Fancy Bear and is based in Russia.
Microsoft claims that the group conducted “a low-volume spear-phishing campaign” against a series of targets, but the company hasn’t revealed how many of these attacks were successful or not.
Spear phishing attacks generally involve messages submitted to vulnerable targets through different communication channels such as email and which include links or attachments that in the end lead to malicious code used to exploit unpatched flaws.
What’s interesting is that Fancy Bear has been often linked to political hacks, and the United States government itself accused Russia of launching attacks against several American targets in order to disrupt the local election.
Patch to be released on election day
According to Reuters, Fancy Bear works for the GRU, Russia’s military intelligence agency and which the United States has blamed for the attacks against the Democratic Party. Microsoft hasn’t revealed if any political attacks were launched using the newly discovered Windows vulnerability.
Read more: Microsoft: Google-Disclosed Windows Flaw Exploited by Russian Hackers Fancy Bear
The Redmond-based software giant explained in an advisory on its website that the recently-discovered Windows vulnerability is currently being used for attacks launched by a group called STRONTIUM, who is also known as Fancy Bear and is based in Russia.
Microsoft claims that the group conducted “a low-volume spear-phishing campaign” against a series of targets, but the company hasn’t revealed how many of these attacks were successful or not.
Spear phishing attacks generally involve messages submitted to vulnerable targets through different communication channels such as email and which include links or attachments that in the end lead to malicious code used to exploit unpatched flaws.
What’s interesting is that Fancy Bear has been often linked to political hacks, and the United States government itself accused Russia of launching attacks against several American targets in order to disrupt the local election.
Patch to be released on election day
According to Reuters, Fancy Bear works for the GRU, Russia’s military intelligence agency and which the United States has blamed for the attacks against the Democratic Party. Microsoft hasn’t revealed if any political attacks were launched using the newly discovered Windows vulnerability.
Read more: Microsoft: Google-Disclosed Windows Flaw Exploited by Russian Hackers Fancy Bear