Computer security remains a critical issue for everyday consumers and security researchers alike. Despite Adobe Flash being fully-patched and allegedly vulnerability-free, a previously unknown exploit has surfaced which lets attackers installed malware on people’s computers. It goes without saying this exploit could have very grave consequences, and might even affect Bitcoin users.
The integration of Adobe Flash – usually to play video files on the internet – has been a topic of controversy over the past few years. Even though a new HTML5 standard has been developed, which makes Adobe Flash unnecessary, most video platforms around the world still use this “outdated” solution. Even popular game streaming website Twitch.Tv still relies on Adobe Flash, causing CPU usage issues on Windows 10 for various browsers.
Despite developers’ best efforts, Adobe Flash is not safe from harm, as a recent zero-day exploit has been identified. For the time being, this exploit is only being used against government agencies, which seems to be part of a large espionage campaign carried out by Pawn Storm. That being said, it is only a matter of time until this vulnerability is exploited to infect individual computers at home.
It is uncertain which versions of Adobe Flash are vulnerable to this exploit, even though researchers have confirmed the two latest version are definitely on the list. Executing this vulnerability requires end users to visit specific websites where the exploit is hosted. This type of attack is called “spear phishing”, and has surfaced during espionage attempts in both 2014 and 2015.
At the time of publication, Adobe researchers are in the process of investigating the matter. The company received a proof-of-concept exploit on Tuesday, and an emergency patch is expected to be released by Adobe in the next few days. Individual users are advised to disable Flash on as many sites as possible, as any website – trusted or not – could be infected.
As long as more precise details remain unknown, it is hard to determine the exploit’s potential impact for Bitcoin users. We do know that this type of attack can install malware on a computer, and possible consequences reign from keylogging to encrypting specific file types and even sniffing out Bitcoin wallet files.
It is not the first time Adobe Flash is the subject of exploits and security vulnerabilities. That is only normal, as widely used services and plugins are top-priority targets for hackers. The time has come to stop using Adobe Flash altogether and create HTML5-based solutions.
What are your thoughts on this new zero-day exploit in Adobe Flash? How will it affect Bitcoin, users? Let us know in the comments below!
Source: Ars Technica
Images courtesy of Adobe, Shutterstock
1 Hova Villas Brighton & Hove
BN3 3DH United Kingdom
All rights reserved by Bitcoinist Ltd. | 2016.