
Kaspersky Lab Discovers Adobe Flash Zero Day Used in the Wild by a Threat Actor to Deliver Spyware


posted on Oct, 16 2017 @ 05:01 PM


The Kaspersky Lab advanced exploit prevention system has identified a new Adobe Flash zero day exploit, used in an attack on October 10, 2017 by a threat actor known as BlackOasis. The exploit is delivered through a Microsoft Word document and deploys the FinSpy commercial malware. Kaspersky Lab has reported the vulnerability to Adobe, which has issued an advisory.


Kaspersky Lab Discovers Adobe Flash Zero Day Used in the Wild by a Threat Actor to Deliver Spyware

Looks like another vulnerability has been discovered in Adobe Flash. And ironically it was discovered by the now distrusted Kaspersky Labs in Russia.


FinSpy is a commercial malware, typically sold to nation states and law enforcement agencies to conduct surveillance.

After installation, the malware establishes a foothold on the attacked computer and connects to its command and control servers located in Switzerland, Bulgaria and the Netherlands, to await further instructions and exfiltrate data.

So far, victims of BlackOasis have been observed in the following countries: Russia, Iraq, Afghanistan, Nigeria, Libya, Jordan, Tunisia, Saudi Arabia, Iran, the Netherlands, Bahrain, United Kingdom and Angola.

Interesting that the US is not on that list.

Unfortunately Adobe Flash content is still widely deployed on the web. It's been difficult for me to rid myself of Flash for that reason...

-dex



posted on Oct, 17 2017 @ 05:06 AM
a reply to: DexterRiley

Frankly, I would rather use Kaspersky than any American dirt.

Why? Because I EXPECT it, and it's never been flatly denied in any serious manner. Also, people who actually know things about computing and security tell me that it's a bloody good program. And the other thing is that the only other options are made by companies in nations which are, without question, looking to penetrate all devices and take all the data, and lie to my face about it in the process.



posted on Oct, 17 2017 @ 05:40 AM
a reply to: TrueBrit

I've not had much exposure to Kaspersky software. However, I have had knowledgeable friends tell me the same thing.

Kaspersky also seems to be in the forefront of security research. And they have on several occasions discovered zero day exploits before anyone else even started looking.

However, I must admit that I've always wondered why the US government ever authorized the use of a foreign made security product. At least with a domestic product the government would already know about all of the backdoors that were in the program. Primarily because they were the ones to put them there.




And the other thing is, that the only other options are made by companies in nations which are, without question, looking to penetrate all devices and take all the data, and lie to my face about it in the process.

Unfortunately I'm sure that the international community is beginning to share your concern about certain American made software. It appears that the US government is getting quite a reputation for strong arming domestic companies into providing them complete access to any technology they want.

-dex



posted on Oct, 17 2017 @ 05:55 AM
a reply to: DexterRiley

Computer security software exists entirely for the purpose of selecting who gets to spy on whom.



posted on Oct, 17 2017 @ 06:15 AM
a reply to: DexterRiley

FinSpy (also known as FinFisher) is a 'commercial malware' from German company Lench IT solutions PLC, formerly part of the UK company Gamma International.

Wikileaks already exposed this particular malware (see Wikileaks - Spy Files 4).
Supreme irony, the company behind FinFisher was itself hacked and the list of its customers as well as 40Gb of data were released in the wild:

Top gov't spyware company hacked; Gamma's FinFisher leaked



posted on Oct, 17 2017 @ 05:41 PM
a reply to: theultimatebelgianjoke

Interesting link.

Do you believe that Lench IT solutions PLC was involved with this Adobe Flash hack? Or is this version of FinSpy the one that was stolen in 2014?

-dex



posted on Oct, 18 2017 @ 03:24 AM
a reply to: DexterRiley

Can't tell for sure, as of the article they 'purchase' their 'zero-day exploits' from a French-US company named VUPEN - now Zerodium.

The 'software' costs 1.4 million € and a training session is worth 27000€.
Zerodium is still active today buying zero-day exploits, ex: if you know some zero-day exploit in Tor Browser, their latest Twitter entry is that they will pay 1000000$ for it. On the 26th of July, they made a similar 'announcement' about Flash zero-day vulnerability, but this one was only worth 100000$.
Here is some more info about the leaked content: Leaksource


edit on 18-10-2017 by theultimatebelgianjoke because: -



