TDR

Latest Ebola-themed phish leverages unpatched Windows bug

October 27, 2014

More Ebola-themed malicious emails are making the rounds, researchers at Websense warn, but this time the phishing ruses are being used to exploit a serious Windows vulnerability lacking a permanent fix.

Websense revealed in a Thursday blog post that some phishing emails were made to look like Ebola safety tips from World Health Organization (WHO), which actually led victims to remote access trojan (RAT) DarkKomet. Other emails appearing to contain information about the Ebola virus were booby trapped to exploit a Windows bug, CVE-2014-4114, in order to download and execute a malicious payload, the firm said.

The Windows vulnerability has also been leveraged by Russian cyberespionage group Sandworm Team.

Microsoft does not yet have a permanent fix for the flaw, but a temporary solution was made available last Tuesday. The tech giant assigned the vulnerability a new ID, CVE-2014-6352, as it continues to track the issue.

prestitial ad