Pawn Storm, the hack attack we reported on a few days back, is "the most significant cyber-espionage threat to the U.S. government and her NATO partners”.
Those are the words of Trend Micro’s chief cybersecurity officer, Tom Kellermann, who spoke to The Daily Caller News Foundation (opens in new tab).
Pawn Storm is a cyber-attack which uses classic phishing techniques and attacks foreign ministries across the globe. It sends out emails with topics like “Suicide car bomb targets NATO troop convoy Kabul,” or “Syrian troops make gains as Putin defends air strikes” – something that would be interesting for people working in foreign ministries.
The emails provide a link which, once clicked, re-directs the victim to a site where a malicious Flash code is found. The Flash Player vulnerability would allow a hacker to take over the system.
“Kellermann identified civilian government agencies, the Department of Defense and NATO as three potentially high value targets if Russian hackers want to target the US,” The Daily Caller says in a report.
“It’s worth noting that the URLs hosting the new Flash zero-day exploit are similar to the URLs seen in attacks that targeted North Atlantic Treaty Organization (NATO) members and the White House in April this year,” Trend Micro writes in a report.
The security firm has notified Adobe and are working with them to address the issue. Flash has been hit by so many attacks recently, that calls for its complete removal have been loud in multiple occasions. The player has been blocked in both Google Chrome and Mozilla Firefox.