Adobe Flash sucks. It’s sucked for a long time, and it continues to suck today. In fact, it sucks even more right now because of a gaping security hole which allows hackers to exploit user systems and install malware. Attackers have already seized upon the exploit and targeted an untold number of users, though their aims appear to be very specific and politically motivated.
The group utilizing the vulnerability is called BlackOasis, and security researchers have apparently been keeping an eye on them for some time. This newest attack, which was tracked and reported by Kaspersky Labs, targeted users primarily in the Middle East, with clear political motivations.
“Analysis reveals that, upon successful exploitation of the vulnerability, the FinSpy malware (also known as FinFisher) is installed on the target computer,” Kaspersky says in a blog post. “FinSpy is a commercial malware, typically sold to nation states and law enforcement agencies to conduct surveillance.”
Once the malware has been installed, it calls back to its main servers located in Europe, and can then be remotely controlled and used to send sensitive information back and forth. The current targets, which have been detected in Russia, Iran, Saudi Arabia, Libya, and Afghanistan among others, include individuals involved in regional politics, including activists, reporters, and politicians themselves.
After being contacted by Kaspersky, Adobe reportedly rolled out a new security update for Flash which patches the hole, but it’s unclear how many individuals have already been compromised. This is hardly the first time a Flash vulnerability has been exploited by hackers and likely won’t be the last. I guess it’s a good thing Flash is going to die a horrible fiery death before long.