Attackers Exploit Hacking Team’s Unpatched Flash Leak – Update
A zero-day exploit originating from controversial security firm Hacking Team is being used in at least three different exploit kits. The exploit comes from the breach of Hacking Team, in which 400 gigabytes of internal files were placed online.
In the hack of Hacking Team, which makes spy software for governments, attackers stole approximately 400 gigabytes of internal files. This includes not only internal e-mail correspondence, but also details of security vulnerabilities that the controversial company abused to, for example, place malware on systems of ‘suspects’.
At least one of those vulnerabilities is being exploited in the wild, writes security researcher Kafeine on the blog Malware Don’t Need Coffee. The security vulnerability allows an attacker to execute code on a victim’s system, and works in Chrome on Windows, among other configurations.
The bug is likely already being exploited in three exploit kits at this point: Angler, Neutrino, and Nuclear. Exploit kits can be used by malicious parties to infect victims’ computers with malware without much effort. An exploit kit does this using known security vulnerabilities in software, and can be served through, among other things, infected advertisements. The exploit kit is reported to install adware, but also ransomware, which encrypts files and forces users to pay to regain access to them.
The security issue is a zero day, meaning no patch is available yet. Adobe is said to be planning to release a patch soon, possibly Wednesday or Thursday, but at the time of writing, users are vulnerable. Security company Symantec advises users to disable Flash. Plugins can also be blocked or made click-to-play.
There are even more security vulnerabilities in the 400 gigabytes of Hacking Team data. According to security researcher Yonathan Klijnsma, one of them is a bug in SELinux on Android. There is also said to be an exploit for a Windows bug that allows attackers who already have access to a system to gain higher privileges. However, it’s unclear whether that is an unpatched issue. Since the files amount to a whopping 400 gigabytes, there’s a good chance that even more undiscovered security vulnerabilities are among them.
Update, 15:08: The bug has now been patched, security researcher Kafeine confirmed to SecurityWeek.