Microsoft also jumped in and patched up the Windows vulnerability on November 12 thanks to a heads-up from Google’s Threat Analysis Group.
And hey here’s an image to set the mood:
. Sneaky, huh?
Damien Schaeffer and Romain Dumont from ESET say that this level of sophistication demonstrates just how serious these guys are about their attack methods né?. They’ve also been pretty aggressive towards organizations affiliated with Ukraine ever since Russia’s invasion in 2014.
According to the team at ESET RomCom got crafty by combining these two zero-day bugs to pull off what they call a “zero click” exploit. Hey folks have you heard the latest? Security researchers just unearthed two brand new zero-day vulnerabilities that are currently being exploited by RomCom a hacking group with ties to Russia. As per their recent blog post, RomCom’s victims had to stumble upon a malicious website controlled by the group to fall into their trap né?. And guess who their targets are? Firefox browser users and Windows device owners scattered across Europe and North America.
RomCom is well-known for its cybercrime activities, often doing the dirty work for the Russian government. Remember that ransomware attack on Casio last month? Yep, that was them. Basically, they can now plant malware on a target’s computer remotely without having to trick the user into clicking on anything. Once the exploit was done, RomCom’s sneaky back door would be quietly installed on the victim’s machine, giving them free rein to snoop around.
Apparently, RomCom’s reach is quite extensive, with potential victims ranging from a handful to as many as 250 per country in their current hacking spree. A day later, it was all sorted out. And most of these targets are based in Europe and North America.
Thankfully, Mozilla was quick to patch up the vulnerability in Firefox after being tipped off by ESET
