APT28 uses leaked Hacking Team exploits in custom EK
ESET researchers have discovered that exploits exposed in the recent Hacking Team leak are now being used by an attack group known as “APT28” or “Sednit.”
Upon successful exploitation of the Windows bug, the malware “sets its persistence” on targeted machines, ESET explained.
“Hence, the Hacking Team leak provides a complete exploitation chain, starting from a Flash exploit for the compromise, to a Windows escalation privilege exploit allowing the payload execution with elevated privileges,” the blog said.
While Adobe quickly patched the Flash Player vulnerability (CVE-2015-5119) on Wednesday, there is still no patch for the Windows zero-day.