Software giant Adobe recently announced that hackers exploited a critical zero-day flaw in the popular and widely installed Adobe Flash software.
The company is literally scrambling to develop and implement a patch that should close the loophole the attackers have been using to target specific accounts and individuals.
In this case, the zero-day flaw essentially lets the hackers hijack an affected system. That’s right, the bad guys get full control.
The attackers managed to infect more than 100 organisations with this zero-day vulnerability.
Needless to say, this has led to a huge headache for Adobe. On the one hand they have to work double and triple time to patch this gaping security hole, and on the other hand they have to do damage control by dealing with irate customers, many of whom are large corporations and government entities.
Security firm Kaspersky Labs, credited with identifying the flaw, believes that a group of hackers known as ScarCruft (undoubtedly a name that they ripped off from the popular MMORPG StarCraft) is behind the attack.
ScarCruft is but one such group, known as an advanced persistent threat (APT), that utilises attack vectors like zero-day flaws to not only stay one step ahead but also to make sure that their attacks make the largest impact possible when deployed.
ScarCruft, it seems, has been busy. They did not stop with this single attack. While the Adobe Flash attack was directed towards the North American market, Kaspersky Labs has also identified another Adobe exploit and a Microsoft Internet Explorer exploit being used by the same group to gain access to systems.
Indeed, the Adobe Flash zero-day attack was part of a highly coordinated attack on multiple fronts in multiple countries. The security firm did some deep digging and revealed that users as far away as Nepal, Russia, South Korea, China, India, Kuwait and Romania are having their systems attacked and compromised by the same group.
ScarCruft has no intention of slowing down. And the scary thing is that for all intents and purposes it’s currently a phantom — ScarCruft came out of nowhere and acted in a highly coordinated manner.
And it is not the only APT group seeking to take advantage of zero-day vulnerabilities.
There are some simple steps you can take to protect your business from malicious cyber-attacks:
Keep your antivirus up to date to at least have a fighting chance against viruses that have already been identified
Do not open emails or email attachments from people or organisations you don’t recognise
Do not visit unscrupulous or “dodgy” websites and look to your antivirus and web filtering to block them