Skip to main content

Russia's 'Fancy Bear' Hackers Exploit a Microsoft Office Flaw—and NYC Terrorism Fears

posted onNovember 8, 2017
by l33tdawg

As dangerous as they may be, the Kremlin-linked hacking group known as APT28, or Fancy Bear, gets points for topicality. Last year, the group hacked the Democratic National Committee and the Clinton campaign with shrewd, politically savvy timing. Now, those same hackers seem to be exploiting last week's ISIS attack in New York City to advance their espionage tactics again, using a freshly exposed vulnerability in Microsoft's software.

On Tuesday, researchers at McAfee revealed that they've been tracking a new phishing campaign from the Russia-linked hacker team. Security researchers have recently shown that a feature of Microsoft Office known as Dynamic Data Exchange can be exploited to install malware on a victim's computer when they simply open any Office document. McAfee now says APT28 has used that DDE vulnerability since late October. And while the targets McAfee has detected so far are in Germany and France, the hackers have been fooling victims into clicking with file names that reference US-focused topics: both a US Army exercise in Eastern Europe known as SabreGuardian and last week's ISIS truck attack that killed eight people on a Manhattan bike path.

Source

Tags

Industry News

Recent News

Tuesday, November 14th

Sunday, November 12th

Friday, November 10th

Wednesday, November 8th

Monday, November 6th