Microsoft: Google-Disclosed Windows Flaw Exploited by Russian Hackers Fancy Bear

Jack

Microsoft has already expressed its frustration with Google’s decision to go public with an unpatched vulnerability in Windows, especially because it is already being exploited in the wild, but it turns out that the ongoing attacks are connected to a Russian group known for political hacks.

The Redmond-based software giant explained in an advisory on its website that the recently discovered Windows vulnerability is currently being used for attacks launched by a group called STRONTIUM, which is also known as Fancy Bear and is based in Russia.

Microsoft claims that the group conducted “a low-volume spear-phishing campaign” against a series of targets, but the company hasn’t revealed how many of these attacks were successful.

Spear phishing attacks generally involve messages submitted to vulnerable targets through different communication channels, such as email, which include links or attachments that in the end lead to malicious code used to exploit unpatched flaws.

What’s interesting is that Fancy Bear has often been linked to political hacks, and the United States government itself accused Russia of launching attacks against several American targets in order to disrupt the local election.

Patch to be released on election day

According to Reuters, Fancy Bear works for the GRU, Russia’s military intelligence agency, which the United States has blamed for the attacks against the Democratic Party. Microsoft hasn’t revealed if any political attacks were launched using the newly discovered Windows vulnerability.

Read more: Microsoft: Google-Disclosed Windows Flaw Exploited by Russian Hackers Fancy Bear
 
