Adobe Systems Inc. has issued a public statement on Monday saying that hackers are exploiting a vulnerability in its Flash Multimedia software platform to launch cyber attacks. So, the company is requesting its users to quickly patch their systems to prevent such attacks and avoid embarrassment.
The alert was issued by Adobe as soon as it received a warning from Kaspersky Labs about a hacking group called BlackOasis.
Last week, researchers from Kaspersky found that BlackOasis hacking group was implanting malicious software called FinSpy or FinFisher on computers by exploiting flash software vulnerability in web browsers. The malicious software is being implanted in such a way that it connects the victims to external servers operating in Switzerland, Bulgaria and the Netherlands.
Note- FinSpy software is a commercial product which is being typically sold to state-funded actors and law enforcement agencies such as NSA to conduct surveillance or espionage.
And as per the study carried out by the researchers of Kaspersky, the software is currently targeting Middle Eastern Politicians, and United Nations officials. And a security report compiled by Kaspersky Lab says that the malicious software has so far victimized those using Adobe software in nations such as Russia, Iraq, Afghanistan, UK, Iran, Africa and the Middle East.
Adobe immediately reacted and issued a flash security update to fix problems, which affected those using Google Chrome, Microsoft Edge, and IE Browsers. The fix applies to all those using Windows, Macintosh, Linux and Chrome OSes.
Note- Adobe said in July this year that by 2020 it will retire flash technology which is used to power most of the media content found online.