ADOBE HAS FINALLY issued a warning about a Flash zero-day flash that hackers linked to North Korea have reportedly been exploiting since November.
Security researchers and South Korean authorities have long warned that cyber attackers based in the North have been tapping into an Adobe Flash zero-day flaw.
They believe that hackers associated with the authoritarian government in Pyongyang are using the zero-day vulnerability to launch attacks on South Korean researchers working on projects about North Korea.
After the serious flaw was uncovered, the South Korean Computer Emergency Response Team (KR-CERT) warned citizens that an "attacker may be able to convince a user to open a Microsoft Office document, web page, or spam mail containing a Flash file".
Attackers have been embedding a dodgy Flash SWF file into seemingly innocent looking Word and Excel documents in order to infect victims' computers. But the researchers have slammed Adobe for not doing enough to tackle the flaw.
During this time, Adobe has not offered much insight into the flaw, but experts at KR-CERT have offered recommendations while Adobe works on a patch. They include removing Flash Player completely and using the Firefox web browser.
Simon Choi, a security researcher based in South Korea, has spent much of his time exploring the flaw. He believes that North Korean hackers first started using the flaw in November 2017.
"Flash zero-day vulnerability made by North Korea has been used from mid-November 2017. They attacked South Koreans who mainly do research on North Korea," he wrote on Twitter yesterday.
Adobe has finally got round to issuing an advisory based on the flaw (CVE-2018-4878), which is rated as critical. The company promised to release a patch on 5 February.
"Adobe is aware of a report that an exploit for CVE-2018-4878 exists in the wild, and is being used in limited, targeted attacks against Windows users," it explained.
"These attacks leverage Office documents with embedded malicious Flash content distributed via email." µ
Flagship will launch a day early to avoid being 'overshadowed' by Apple
EC says merged entity will 'continue to face significant competition'
Alexa, give me a reason to be cheerful about the UK economy
No, it isn't 1 April