Russian Group is Behind the DDoS Attacks, Says Micrrosoft

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Microsoft has singled out Sofacy, an APT group long thought to have ties to Russia’s military intelligence arm GRU, as the entity behind targeted attacks leveraging Windows kernel and Adobe Flash zero days in targeted attacks. The group, which Microsoft calls Strontium, is also known as APT28, Tsar Team and Sednit among other identifiers.

Microsoft said the zero day vulnerability, the existence of which along with limited details were disclosed on Monday by Google, will be patched Nov. 8. Google said yesterday it privately disclosed both zero days, which were used in tandem in these targeted attacks against unknown victims, to Microsoft and Adobe on Oct. 21. Adobe rushed an emergency patch for Flash Player on Oct. 26, while Microsoft had yet to acknowledge the vulnerability until Google’s disclosure. Microsoft was critical of Google’s action yesterday and reiterated its stance today in a post, providing some details on the vulnerability and attacks.

“We believe responsible technology industry participation puts the customer first, and requires coordinated vulnerability disclosure,” said Terry Myerson, executive vice president Windows and Devices Group at Microsoft. “Google’s decision to disclose these vulnerabilities before patches are broadly available and tested is disappointing, and puts customers at increased risk.”

Microsoft added that it is coordinating with Google and Adobe on the patch, which is being tested by partners. Nov. 8 is Microsoft’s next scheduled patch release. Microsoft said that the attacks were spreading in what it called a “low volume” spear phishing campaign. Sofacy’s targets are largely strategic: government agencies, diplomatic institutions, military organizations, defense contractors and public policy research institutes.

The following two tabs change content below.

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Latest posts by Unallocated Author (see all)

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Leave a Reply

Do NOT follow this link or you will be banned from the site!