A hacking group earlier connected to the Russian government and U.S. political hacks was responsible for recent cyber attacks that manipulated a newly exposed Windows security flaw, Microsoft Corp said on Tuesday.
The software developer in an advisory on its website named the hacking group as “Strontium”. It is more famously known as “Fancy Bear” or APT 28 and used “spear phishing” emails in some attacks. However, the company did not identify any victims.
Microsoft’s revelation of the current attacks and the connection to Russia came after Washington accused Moscow of unleashing an unprecedented hacking campaign. These attacks were intended for discrediting and disrupting the upcoming U.S. election.
Last month, The U.S. government formally accused the Russian government of the election-season cyber attack of Democratic Party emails. The Russians were also blamed for the emails’ ensuing release thru WikiLeaks and other entities. Russia has denied those accusations.
A patch to safeguard Windows users against the recently discovered threat will be released on Nov. 8, Election Day, Microsoft said. Nevertheless, it was unclear whether the Windows vulnerability had been exploited in any of the recent U.S. political hacks.
Representatives of the Department of Homeland Security and the FBI could not immediately be reached for comment.
A U.S. intelligence specialist on Russian cyber activity said that Fancy Bear principally works for or on behalf of the GRU, Russia’s military intelligence agency. According to U.S. intelligence officials, the GRU was responsible for hacks of Democratic Party emails and databases.
In spear phishing, an attacker sends targeted messages, usually thru email. These messages manipulate familiar information to deceive victims into clicking on malicious links or open infected attachments.
Microsoft said the hacks used a vulnerability in Adobe Systems’ Flash software and one in the Windows operating system.
On Monday, Adobe released a patch for that vulnerability when security researchers with Google announced the details of the attack.
Google chided by Microsoft
Microsoft rebuked rival Google for going public with facts of the vulnerabilities before it had time to prepare and test a patch to remedy them.
“Google’s decision to disclose these vulnerabilities before patches are broadly available and tested is disappointing, and puts customers at increased risk,” Microsoft said.
A Google representative refused to comment on Microsoft’s statement.
Google held to its standing policy of going public seven days after uncovering “critical vulnerabilities” that are being actively used by hackers. Hence, the company revealed the flaw on Monday.
Companies are given 60 days by Google to patch less serious bugs.
The post Microsoft: Russia-linked hackers Using Windows Flaw in Attacks appeared first on Newsline.
No comments:
Post a Comment