Security researchers have discovered a new Adobe Flash vulnerability that has already been exploited by hackers to deploy the latest version of FinSpy malware on targets. Kaspersky Lab researchers said a hacker group called BlackOasis has already taken advantage of the zero-day exploit – CVE-2017-11292 – to deliver its malicious payload via a Microsoft Word document.
Kaspersky said BlackOasis used the previously unknown Flash flaw in an attack on 10 October.
Commenting on the news is Chris Doman, security researcher at AlienVault, who said:
FinSpy / FinFisher is a product of Gamma International, and has a number of customers in the Middle East and South America. They have attracted controversy for selling FinSpy to regimes with poor human rights records.
Gamma continue to sell their products to governments around the world, and we’ll continue to see these attacks reported. There is a growing market for well-resourced countries to build their collection capabilities.
Microsoft track these attacks under the name Neodymium and there have been a number of reports on their activities recently.
Last month attacks involving the same malwar