Russian spies took advantage of previously unknown vulnerabilities in Windows and Adobe Flash software to carry out online espionage campaigns around the world, FireEye’s security researchers said.
The so-called APT28 hacking group has been tied to cyberattacks on U.S. defense contractors, Eastern European governments and security groups, and on multinational organizations such as NATO.
Some security firms believe APT28 was also responsible for the cyber intrusions at the State Department and the White House, which are widely considered to be the work of the Kremlin.
FireEye, the security firm that revealed the software vulnerabilities over the weekend, would not comment on the possible connection. The company is working with U.S. law enforcement to probe the attacks.
The firm revealed in a report that Russians used two zero-day exploits to launch a highly targeted hacking campaign. Zero-day exploits target software vulnerabilities that were unknown to the manufacturer at the time they were used.
Adobe issued a fix for the flaw on Tuesday, while Microsoft is still working on a patch, FireEye said.
APT28 was first identified in October by FireEye and another security firm, Trend Micro.
Operating since 2007, the group pursues military and security secrets as opposed to the intellectual property and financial data typically sought by Chinese hackers.
Researchers tied APT28 to Russia by noting that nearly all of its hacking activity takes place during Russian business hours, and by finding malware instructions with Russian language settings.