Kremlin hackers exploited TWO 0-day Flash, Windows vulns
Operation RussianDoll smelled like Russian miscreants, say infosec bods
A hacking group probably backed by Russia has been making use of two zero-day exploits to target foreign governments.
The so-called "Operation RussianDoll" attackers used zero-day exploits in Adobe Flash and Windows to target a specific foreign government organisation.
Security firm FireEye says the pattern of the attacks fits that of the recently exposed APT 28 cyberspies, making the group the most likely culprits for the latest attack.
The highly complex attack used two zero-days to work.
"Only a well funded threat actor, in this case a nation state one associated with the Russian government," would be capable of pulling off the assault, according to FireEye.
Adobe independently released a patch for the CVE-2015-3043 vulnerability in its software on Tuesday while Microsoft is working on a fix for the CVE-2015-1701 security bug. FireEye began detecting and preventing attacks based on these vulns on 13 April.