Russian hackers exploit unusual Java zero-day to hit unnamed NATO country
Cyber-espionage group 'Pawn Storm' has been exploiting an unusual Java zero-day vulnerability to carry out drive-by-download attacks on a NATO country and a US defence company, according to Trend Micro.
The anti-virus and threat intelligence vendor reported on Sunday that it had noticed Pawn Storm's return, after spotting a series of spear-phishing emails containing links to an exploit kit. This, researchers said, marked a slight change in tactic from the group's attacks against the White House and other NATO members in April, when the URLs sent in spear-phishing emails did not host the exploit kits.
On this occasion, the hacking group, which is believed to have close links to the Kremlin, leveraged a new and unpatched vulnerability in Oracle's Java, the first to be spotted in the wild since 2013.