Adobe Flash Player 0-day and HackingTeam's Remote Control System

Revision as of 17:57, 7 February 2015 by Eric.freyssinet (talk | contribs) (Text replacement - "" to "")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

(Publication) Link to the old Wiki page : [1] / Google search: [2]

Adobe Flash Player 0-day and HackingTeam's Remote Control System
Botnet/malware group
Exploit kits
Distribution vector
Operation/Working group
Date 2013 / 2013-02-23
Editor/Conference Kaspersky lab
Link Flash Player 0 day and HackingTeam s Remote Control System (Archive copy)
Author Sergey Golovanov
Type Blogpost


Last week, Adobe released a patch for a vulnerability in Flash Player that was being exploited in targeted attacks.

Before reading any further, we recommend you to take a moment make sure you apply this patch. Adobe offers this nifty tool to check that you have the latest version of Flash Player.

If you are running Google Chrome, make sure you have version ‘24.0.1312.57 m’ or later.

Now back to CVE-2013-0633, the critical vulnerability that was discovered and reported to Adobe by Kaspersky Lab researchers Sergey Golovanov and Alexander Polyakov. The exploits for CVE-2013-0633 have been observed while monitoring the so-called ‘legal’ surveillance malware created by the Italian company HackingTeam. In this blog, we will describe some of the attacks and the usage of this 0-day to deploy malware from ‘HackingTeam’ marketed as Remote Control System.


   editor = {Kaspersky lab},
   author = {Sergey Golovanov},
   title = {Adobe Flash Player 0-day and HackingTeam's Remote Control System},
   date = {23},
   month = Feb,
   year = {2013},
   howpublished = {\url{}},