Adobe Patches Zero-Day Used in Hacking Team Breach

Adobe has closed a Flash Player zero-day vulnerability allegedly exploited in the recent Hacking Team leak. The exploit is reported to have already been made public.

This week, hackers leaked 400 GB of data belonging to technology manufacturer Hacking Team -including internal documents, emails, slideshow presentations and more.

To carry out the intrusion, attackers capitalized on a critical vulnerability known as ” CVE-2015-5119. This is a use-after-free vulnerability active in Flash versions 18.0.0.194 and earlier.

It seems the zero-day was spotted in exploit kits found on dark web sites – namely Neutrino Exploit Kit, the Angler Exploit Kit and the Nuclear Exploit Kit.

How do you get infected?

These tools are usually hosted on compromised servers and served like regular web pages. Once the user lands on one of these pages, his browser is inspected and a specific type of content is served to make it crash. After crashing, a payload is executed with no user interaction and the computer is silently infected.

Exploits predictably arrive disguised as email attachments, compromised websites and other social engineering schemes. This means that, once executed by the user, they allow cybercriminals to take over the system, steal data or prevent the software from working at all.

So, it`s crucial that users update their Windows, Linux or Mac systems with the latest Adobe Flash versions. However, updates need to be performed from Adobe`s official site, and not from websites or email attachments that could be taking advantage of this vulnerability to spread malware.

Interested in reading about the seven most exploited vulnerabilities in the wild, according to Bitdefender? Read more.