Trusted Design

APT Group Wekby Leveraging Adobe Flash Exploit

概要

As if the recent breach and subsequent public data dump involving the Italian company Hacking Team wasn’t bad enough, it all gets just a little bit worse. Emerging from the bowels of Hacking Team data dump was a Flash 0-day exploit (CVE-2015-5119) that was just patched today by Adobe as covered in APSB15-16. The exploit has since been added into the Angler Exploit Kit and integrated into Metasploit. However, not to be out done, APT attackers have also started leveraging the exploit in targeted spear phishing attacks as well. Before we start dishing the details, there is going to be one main takeaway from this blog post: If you haven’t already, update/patch your Adobe Flash now.

Created: 2026-02-23

Indicators

• hostname - gmail.bkz88.com -
• FileHash-SHA1 - 959638ee177b51bda8701c10258b4956f8b1c367 -
• CVE - CVE-2015-5119 -
• FileHash-SHA1 - 7389e78cca58de6cb2cbe2b631d2fec259e9cdcc -
• FileHash-MD5 - 079a440bee0f86d8a59ebc5c4b523a07 -
• hostname - info.imly.org -
• FileHash-MD5 - cfbcb83f8515bd169afd0b22488b4430 -

類似Pulses

• Multiple Chinese APT Groups Quickly Use Flash Zero-Day (score: 0.73)
• Latest Flash Exploit Used in Pawn Storm (score: 0.70)
• Operation RussianDoll (score: 0.69)
• Killing a Zero-Day in the Egg: Adobe CVE-2016-1019 (score: 0.68)
• CVE-2015-5122 Exploited in Strategic Web Compromise (score: 0.68)

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

Pulse – 脅威アクター グラフ

---

← Pulse一覧に戻る