Security flaws are becoming very dangerous for users of various software companies across the globe. A new Adobe threat has the company urging it’s users to download the latest version of Flash or they could be the victim of a malware like attack.
“China-based advanced persistent threat spotted using the Flash flaw, which has now entered malware kit Magnitude,” reported Alex Hern of The Guardian.
“The bug, which affects how Flash Player plays video files, lets an attacker use a carefully made video file to seize control of a userβs computer. It wasΒ made public last week by security research firm Fireeye, who discovered the flaw and reported it to Adobe.”
The report claims that the public report was too late because a Chinese hacking group called Advanced Persistent Threat 3 was already using the bug to send phishing emails to high priority technology companies. Some of these companies included aerospace, defense and construction to name a few.
“This group is one of the more sophisticated threat groups that FireEye Threat Intelligence tracks, and they have a history of introducing new browser-based zero-day exploits (eg Internet Explorer, Firefox, and Adobe Flash Player),β the researchers wrote, according to the article.
“A zero-day exploit is one which has never been used before; thus, the firm involved has ‘zero days’ to fix it.”
The exploit also ended up appearing in exploit kits called Magnitude. According to the report, Magnitude kits allow malware writers to build their software easily and are then used to infect victims computers with ransomware.
Online security continues to worsen and hacking groups are not wasting time when it comes to taking advantage of these exploits. If you’re using and type of Flash the safest bet would be to upgrade before you can subject yourself to a ransomeware-magnitude attack.
Read the full story.