Government Hackers Used Microsoft Word Zero-Day to Install Spyware on Russian Targets


Image: MOTHERBOARD
The hackers exploited the unknown vulnerability to install spyware made by the infamous surveillance company FinFisher.

By Lorenzo Franceschi-Bicchierai | MOTHERBOARD

An unknown group of government hackers used the recently discovered vulnerability in Microsoft Word to target Russian victims with booby-trapped documents.

The hackers leveraged a military manual written in Russian, a document referencing the Russian Ministry of Defense, as well as a document that promised to reveal the „top 7 hot hacker chicks“ to lure victims into opening the .doc attachments. If the targets fell for it, they’d get hacked thanks to the Microsoft Word zero-day and infected with FinSpy, spyware made by the infamous surveillance technology firm FinFisher.

Security researchers working at FireEye, as well as Claudio Guarnieri, a malware hunter and senior technologist at Amnesty International, spotted these operations in the wild. The hackers, whoever they were, left a series of booby-trapped documents on a server online.

read more

Advertisements

Ein Gedanke zu “Government Hackers Used Microsoft Word Zero-Day to Install Spyware on Russian Targets

Kommentar verfassen

Trage deine Daten unten ein oder klicke ein Icon um dich einzuloggen:

WordPress.com-Logo

Du kommentierst mit Deinem WordPress.com-Konto. Abmelden / Ändern )

Twitter-Bild

Du kommentierst mit Deinem Twitter-Konto. Abmelden / Ändern )

Facebook-Foto

Du kommentierst mit Deinem Facebook-Konto. Abmelden / Ändern )

Google+ Foto

Du kommentierst mit Deinem Google+-Konto. Abmelden / Ändern )

Verbinde mit %s