Attackers burn six zero-day exploits in DNC hacks

News by Greg Masters

In just the past year, a Russian hacking gang exploited at least six zero-day vulnerabilities in Windows, Adobe Flash and Java to attack the email servers of the Democratic National Convention (DNC) in the US.

More details are emerging about the culprits behind hacks of the Democratic National Committee (DNC) and campaign staffers working for Hillary Clinton.

The hacking group most widely identified as Fancy Bear, but also dubbed Sednit, APT28 and various other names, has been said to be based in Russia and working for the highest echelons of the nation's government.

Reportedly behind incursions into the German parliament, Ukrainian leaders, NATO officials, Russian political dissidents, former U.S. Secretary of State Colin Powell, French TV network TV5Monde, as well as the DNC and Clinton's campaign, the attackers have sent thousands of emails with malicious links to phoney web pages that dupe recipients into giving up digital identities.

As much of the purloined information from these various incursions was gathered through phishing campaigns and subsequently appeared on WikiLeaks, the assumption has been that one group was behind the hacks.

But, according to reports, the Russians are using more than phishing in their campaigns. The group also is employing zero-day exploits to pollute its target networks or individuals, according to security researchers at ESET.

ESET claimed that in just the past year the hackers exploited at least six zero-day vulnerabilities in Windows, Adobe Flash and Java. The hacking group, ESET wrote in its report [PDF], has launched so many zero days the suggestion is that there are considerable resources behind them. 

"A run-of-the-mill criminal gang would be unlikely to make use of quite so many previously unknown, unpatched vulnerabilities because of the significant skill, time and resources required to properly uncover and exploit them," the report stated.

Topics:

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events