Russian APT Chained Firefox and Windows Zero-Days Against US and European Targets
X Cyber Group (XCyber)
We work with clients to keep data, people and businesses protected within the geography of the internet.
A Russia-linked APT actor has been observed chaining two recent zero-day vulnerabilities in Firefox and Windows to deploy a backdoor on victims’ machines, cyber security software company ESET reports. The hacking group, tracked as RomCom, Storm-0978, Tropical Scorpius, and UNC2596, has been conducting opportunistic and targeted campaigns against various sectors as part of both espionage and cybercrime operations.
“In a successful attack, if a victim browses to a web page containing the exploit, an adversary can run arbitrary code – without any user interaction required – which in this case led to the installation of RomCom’s eponymous backdoor on the victim’s computer,” ESET reports. According to data collected by ESET, most of the potential victims of this exploit chain were located in North America – particularly the United States – and Europe.