Zero-days don't come cheap: who would risk six to breach the DNC?

More details are emerging about the culprits behind hacks of the Democratic National Committee (DNC) and campaign staffers working for Hillary Clinton.

The hacking group most widely identified as Fancy Bear, but also dubbed Sednit, APT28 and various other names, has been said to be based in Russia and working for the highest echelons of the nation's government.

Reportedly behind incursions targeting the German parliament, Ukrainian leaders, NATO officials, Russian political dissidents, former U.S. Secretary of State Colin Powell, French TV network TV5Monde, as well as the DNC and Clinton's campaign, the attackers have sent thousands of emails with malicious links to phoney web pages that dupe recipients into giving up digital identities.

As much of the purloined information from these various incursions was gathered through phishing campaigns and subsequently appeared on WikiLeaks, the assumption has been that one group was behind the hacks.

But, according to reports, the Russians are using more than phishing in their campaigns. The group is also employing zero-day exploits to compromise its target networks or individuals, according to security researchers at ESET.

ESET claimed that in just the past year the hackers exploited at least six zero-day vulnerabilities in Windows, Adobe Flash and Java. The hacking group, ESET wrote in its report [PDF], has launched so many zero-days that it suggests there are considerable resources behind them.

"A run-of-the-mill criminal gang would be unlikely to make use of quite so many previously unknown, unpatched vulnerabilities because of the significant skill, time and resources required to properly uncover and exploit them," the report stated.