silversurfer
Thread author
A threat group tracked by security firm ESET as “PowerPool” has been exploiting a Windows zero-day vulnerability to elevate the privileges of a backdoor in targeted attacks.
According to ESET, the local privilege escalation vulnerability has been exploited by a newly uncovered group it tracks as PowerPool. Based on the security firm’s telemetry and malware samples uploaded to VirusTotal, the threat actor appears to have leveraged the Windows zero-day against a small number of users located in the United States, the United Kingdom, Germany, Ukraine, Chile, India, Russia, the Philippines and Poland.