‘Chinese Spies’ Launch New Adobe Zero-Day Attack

A group of Chinese spies are believed to have resurfaced to attack vulnerable political and non-profit groups, after FireEye discovered them using a new zero-day Adobe exploit.

It’s the second such zero-day attack uncovered by FireEye within a week, following the Operation Snowman campaign.

In a 20 February blog post, FireEye said the new attack, dubbed “Operation GreedyWonk”, used a previously unknown vulnerability in the latest version of Adobe Flash to infect the websites of three organisations: the American Research Center in Egypt, the Smith Richardson Foundation and the Peter G Peterson Institute for International Economics.

Unsuspecting users were redirected to an exploit server where they were served with the zero-day malware. Two of the affected organisations focus on security and public policy matters, and FireEye said users were infected for the likely purpose of follow-on data theft of information relating to defence and public policy.

FireEye is linking the attack to a previous campaign, revealed by the Shadowserver Foundation in May 2012, which compromised similar government, defence and ‘policy wonk’ organisations, including the Israeli International Institute for Counter-Terrorism, the Centre for European Policy Studies, the US Center for Defense Information, the Cambodian Ministry of Foreign Affairs, Amnesty International Hong Kong and – once again – the American Research Center in Egypt.

via ‘Chinese spies’ launch new Adobe zero-day attack – SC Magazine UK.

———————————————-

Journal of Law & Cyber Warfare | www.jlcw.org The Journal of Law & Cyber Warfare provides a public peer-reviewed law publication to foster open discussion and education of technology, government and legal stakeholder in relation to the complex issue of cyber warfare.  Journal of Law & Cyber Warfare accepts articles written by military, technology, judges, government officials, academic and legal practitioners.  The Journal of Law & Cyber Warfare provides a public peer-reviewed law publication to foster open discussion and education of technology, government and legal stakeholder in relation to the complex issue of cyber warfare.  Journal of Law & Cyber Warfare accepts articles written by military, technology, judges, government officials, academic and legal practitioners. The Journal of Law & Cyber Warfare is honored by the world class caliber editorial board that is involved with the Journal. Thought leaders from forensics, law, warfare, and cyber security are on the Board. The Journal is always looking for interested thought leaders who believe they can contribute in a meaningful fashion to the development of cyber warfare scholarship.