Two in-the-wild samples reported here
- The majority of the popular browsers including Chrome, FireFox, Internet Explorer and Safari with Flash Player installed are vulnerable to this issue.
- Microsoft Office 2007/2010/2013 - where the attack scenario will involve an office document with the malicious SWF file embedded in it. The document may arrive via an e-mail or as a drive-by download on the target system.
Adobe released a patch today to address this vulnerability.
1.) Monitoring modules for Instant messengers, Web Browsers, PC cameras & microphones, etc.
2.) Monitoring social media activities over Yahoo, Gmail, Twitter, and Facebook
3.) Hooking Outlook and getting email and contact details.
4.) Relaying infected system information including time, battery status, processor, memory, OS, user etc..
5.) Advanced keylogging capabilities
We also observed support for 64-bit operating system target.
|Hardcoded configuration file location|
|VirusTotal report for the Configuration Server|