Trend Micro warns a new zero-day exploit in Adobe Flash is being abused to attack fully-patched systems. The attack originates from the attackers behind Pawn Storm and primarily targets foreign affairs ministries from around the globe.
In this most recent campaign, Pawn Storm targeted several foreign affairs ministries from around the globe. The targets received spear phishing e-mails that contained links leading to the exploit. The emails and URLs were crafted to appear like they lead to information about current events, with the email subjects containing the following topics:
“Suicide car bomb targets NATO troop convoy Kabul”
“Syrian troops make gains as Putin defends air strikes”
“Israel launches airstrikes on targets in Gaza”
“Russia warns of response to reported US nuke buildup in Turkey, Europe”
“US military reports 75 US-trained rebels return Syria”
It’s worth noting that the URLs hosting the new Flash zero-day exploit are similar to the URLs seen in attacks that targeted North Atlantic Treaty Organization (NATO) members and the White House in April this year.