Adobe Systems warned that hackers are exploiting vulnerabilities in its Flash multimedia software platform in web browsers, and called on users to quickly patch their systems to prevent such attacks, Reuters reports.
The warning Monday came after cyber-security firm Kaspersky Lab said a group it was tracking, BlackOasis, used a previously unknown weakness to plant malicious software on computers before connecting them back to servers in Switzerland, Bulgaria and the Netherlands, the report said.
Kaspersky said the malware, known as FinSpy or FinFisher, is a commercial product typically sold to nation states and law enforcement agencies to conduct surveillance.
Kaspersky said its assessment of BlackOasis shows it is targeting Middle Eastern politicians and United Nations officials engaged in the region, opposition bloggers and activists, and regional news correspondents with the latest version of FinSpy.
The company said victims have so far been observed in Russia, Iraq, Afghanistan, the United Kingdom, Iran and elsewhere in Africa and the Middle East.
Adobe said it has released a Flash security update to fix the problem, which affected Google’s Chrome and Microsoft’s Edge and Internet Explorer browsers as well as desktop versions.
Adobe said in July that it would retire by the end of 2020 its once-ubiquitous technology used to power most of the media content found online, Reuters noted.
– Contact us at [email protected]