Security researchers have found two previously unknown zero-day flaws that RomCom, a hacking group with ties to Russia, is using to attack people in Europe and North America who use Firefox or Windows devices.
RomCom is a hacking group known for attacking and breaking into computers on behalf of the Russian government. The group was recently linked to a hacking attack on the Japanese tech giant Casio. It is also known for being hostile to groups that support Ukraine, which Russia invaded in 2014.
Researchers from the security company ESET say they found proof that RomCom used both of the “zero-day” bugs (named that way because software companies didn’t have time to fix them before they were used to hack people) together to make a “zero click” exploit. This lets hackers put malware on a target’s computer without the user having to do anything.
“This level of sophistication shows the threat actor’s ability and intent to create stealthy attack methods,” Damien Schaeffer and Romain Dumont wrote on Monday in a blog post for ESET.
For the zero-click exploit to work, a target would have to visit a malicious website controlled by the hacking group. Once the exploit was used, RomCom’s backdoor would be placed on the victim’s computer, giving the attacker full control over the device.
Schaeffer told Parhlo World that RomCom’s “widespread” hacking operation could have affected anywhere from one person in each country to as many as 250 people, with most of the targets being in Europe and North America.
Mozilla fixed the flaw in Firefox on October 9, one day after ESET told the browser maker about it. The vulnerability was also fixed by the Tor Project, which builds the Tor Browser on top of Firefox’s codebase. However, Schaeffer told Parhlo World that ESET has not seen any proof that the Tor Browser was used in this hacking operation.
Microsoft fixed the Windows flaw on November 12. Google’s Threat Analysis Group, which investigates government-backed cyberattacks and threats, told Microsoft about the bug. This suggests that the exploit may have been used in other government-backed hacking operations.