Home / / Russian cyber-gang targeting US govt used Adobe, Windows flaws: FireEye

Russian cyber-gang targeting US govt used Adobe, Windows flaws: FireEye

Hackers could be those that attacked White House network

Security threats, FireEye Incorporated (www.fireeye.com)

A Russian hacking group that targeted US State Department computers exploited vulnerabilities in Adobe Flash and Microsoft Windows to mount its campaign, Reuters reported, citing statements from cyber-security company FireEye.

The group may be the same one that infiltrated the White House non-classified network in October, gaining access to the president's schedule, but FireEye did not confirm this.

FireEye, known for its forensic work through its acquired subsidiary Mandiant, has dubbed the Russian group APT28 and believes it has been operating since 2007. Apart from US targets, APT28 has infiltrated NATO offices and monitored government officials in Georgia.

Trend Micro also appeared to refer to the group's operations in a 16 April whitepaper and blogpost. The cyber security firm warned of "Operation Pawn Storm", which it described as "an active economic and political cyber-espionage operation that targets a wide range of entities, like the military, governments, defence industries, and the media".

"The group is composed of a determined group of threat actors active since at least 2007 with a very specific modus operandi," Trend Micro said in its blogpost. "We so named it due to the attackers' use of multiple connected tools and tactics to hit a specific target - a strategy mirroring the chess move of the same name."

Adobe has since issued a fix for the vulnerability used by APT28 and Microsoft is reportedly working on a patch for the Windows flaw.