Trend Tide News

RomCom Exploits Firefox and Windows Zero-Days - TechNadu

By Lore Apostol

RomCom Exploits Firefox and Windows Zero-Days - TechNadu

Mozilla responded promptly with a patch for Firefox, and Microsoft addressed the vulnerability in Windows.

Cybersecurity researchers have uncovered a sophisticated hacking campaign led by the Russian-linked cybercrime group RomCom, exploiting previously unknown zero-day vulnerabilities in Mozilla Firefox and Microsoft Windows.

The campaign primarily targeted users across Europe and North America and involved two zero-day bugs, enabling a zero-click exploit. This advanced technique allows attackers to deploy malware on a system remotely without user interaction.

Victims merely needed to visit a malicious website controlled by RomCom, a Russian-speaking group known as UAT-5647, where the group's backdoor malware would then be planted on their systems, granting hackers broad access to devices.

RomCom is associated with cyberattacks aligned with Russian government interests, previously linked to a ransomware attack on Casio and campaigns targeting Ukraine-allied organizations.

Their use of a zero-click exploit demonstrates heightened sophistication and intent to conduct stealthy, damaging cyber intrusions. Targets ranged from individual victims per country to as many as 250 victims across Europe and North America.

Mozilla responded promptly with a patch for Firefox on October 9, following an alert from ESET researchers. The Tor Project also patched its Tor Browser based on Firefox's codebase, though no evidence points to the Tor Browser being exploited.

Microsoft addressed the vulnerability in Windows on November 12, following its identification by Google's Threat Analysis Group, which monitors state-sponsored threats.

This hacking campaign is a stark reminder of the continued threat posed by state-linked cyber actors leveraging advanced exploits. Organizations and individuals are urged to update their software and implement robust security measures to mitigate risks associated with zero-day vulnerabilities.

Previous articleNext article

POPULAR CATEGORY

commerce

9635

tech

10597

amusement

11578

science

5264

various

12332

healthcare

9314

sports

12273