Adobe Flash Player 0-day and HackingTeam's Remote Control System

From Botnets.fr

Date: 2013 / 2013-02-23
Editor/Conference: Kaspersky lab
Link: http://www.securelist.com/en/blog/208194112/Adobe_Flash_Player_0_day_and_HackingTeam_s_Remote_Control_System (Archive copy)
Author: Sergey Golovanov
Type: Blogpost

Abstract

Last week, Adobe released a patch for a vulnerability in Flash Player that was being exploited in targeted attacks.

Before reading any further, we recommend you take a moment to make sure you apply this patch. Adobe offers this nifty tool to check that you have the latest version of Flash Player.

If you are running Google Chrome, make sure you have version ‘24.0.1312.57 m’ or later.

Now back to CVE-2013-0633, the critical vulnerability that was discovered and reported to Adobe by Kaspersky Lab researchers Sergey Golovanov and Alexander Polyakov. The exploits for CVE-2013-0633 have been observed while monitoring the so-called ‘legal’ surveillance malware created by the Italian company HackingTeam. In this blog, we will describe some of the attacks and the usage of this 0-day to deploy malware from ‘HackingTeam’ marketed as Remote Control System.

Bibtex

 @misc{Golovanov2013BFR1301,
   editor = {Kaspersky lab},
   author = {Sergey Golovanov},
   title = {Adobe Flash Player 0-day and HackingTeam's Remote Control System},
   date = {23},
   month = Feb,
   year = {2013},
   howpublished = {\url{http://www.securelist.com/en/blog/208194112/Adobe_Flash_Player_0_day_and_HackingTeam_s_Remote_Control_System}},
 }