Government Hackers Used Microsoft Word Zero-Day to Install Spyware on Russian Targets

The hackers exploited the unknown vulnerability to install spyware made by the infamous surveillance company FinFisher.

By Lorenzo Franceschi-Bicchierai | MOTHERBOARD

An unknown group of government hackers used the recently discovered vulnerability in Microsoft Word to target Russian victims with booby-trapped documents.

The hackers leveraged a military manual written in Russian, a document referencing the Russian Ministry of Defense, as well as a document that promised to reveal the „top 7 hot hacker chicks“ to lure victims into opening the .doc attachments. If the targets fell for it, they’d get hacked thanks to the Microsoft Word zero-day and infected with FinSpy, spyware made by the infamous surveillance technology firm FinFisher.

Security researchers working at FireEye, as well as Claudio Guarnieri, a malware hunter and senior technologist at Amnesty International, spotted these operations in the wild. The hackers, whoever they were, left a series of booby-trapped documents on a server online.

read more