Attackers weaponising Hacking Team Flash exploit

Attackers are working overtime to “weaponise” a new zero-day vulnerability discovered in Adobe Flash, according to Trend Micro researchers.

Over the weekend, unidentified hackers published a 400 GB collection of internal documents stolen from Italy’s Hacking Team, releasing data appearing to confirm that the company sold surveillance tools to authoritarian regimes. Hidden within the data were details of an undiscovered vulnerability in Flash.

In a blog post, Trend Micro threats analyst Brooks Li revealed that popular exploit kits are being updated to include the zero-day Flash vulnerability. She notes that all versions of Flash in use before Adobe pushed out an update were at risk.

Trend Micro researchers also uncovered evidence that the vulnerability was being used to target people in Korea and Japan before the Hacking Team data trove was leaked.

“Whether these early attacks trace to the Hacking Team or not, one message is clear — this situation underscores the risk from ‘hoarding’ vulnerabilities rather than reporting them to the vendor or software development project so they can be addressed,” Trend Micro global threat communications manager Christopher Budd said in a separate blog post.

“Our researchers have found that attackers have shifted into overdrive to include this new vulnerability into exploit kits to weaponise it.”

Adobe has urged all Flash users to update their installations as soon as possible to patch the vulnerability.

Image courtesy of Ivan David Gomez Arce under CC