Russian-linked hacking group RomCom has exploited vulnerabilities in Mozilla Firefox and Microsoft Corp.'s MSFT Windows to target users across Europe and North America.
What Happened: In a blog post on Monday, security researchers at ESET shared that they have discovered that RomCom used two previously unknown zero-day vulnerabilities in a widespread cyberattack.
These flaws allowed hackers to deploy a "zero-click" exploit, installing malware remotely without user interaction.
See Also: Apple's Future Ventures, Huawei's New Chip, And Google's Antitrust Woes: This Week In Appleverse
RomCom leveraged these vulnerabilities through malicious websites to infect victims' devices with backdoor malware, granting them extensive access.
Mozilla patched the Firefox vulnerability on Oct. 9, while Microsoft addressed the Windows flaw on Nov. 12, after a report from Google's Threat Analysis Group.
Subscribe to the Benzinga Tech Trends newsletter to get all the latest tech developments delivered to your inbox.
Why It Matters: RomCom was previously associated with a ransomware attack on Japanese tech giant Casio. The group is also notorious for targeting organizations allied with Ukraine.
The attack by RomCom is also part of a broader pattern of Russian-linked cyber activities targeting various sectors globally. In September, it was reported that pro-Russian hackers disrupted the Taiwan Stock Exchange, causing temporary service instability.
During the same month, Microsoft's Threat Analysis Center reported a shift in Russian cyber tactics, with operations targeting the Kamala Harris-Tim Walz campaign ahead of the 2024 presidential election.
Previously in March, Microsoft revealed that Russian hackers, known as Nobelium, stole some of its source code by spying on senior executives.
Check out more of Benzinga's Consumer Tech coverage by following this link.
Read Next:
Apple's 2024 Black Friday Deals: Gift Cards Over Discounts -- Here's What You'll Get
Disclaimer: This content was partially produced with the help of AI tools and was reviewed and published by Benzinga editors.
Photo courtesy: Shutterstock
Market News and Data brought to you by Benzinga APIs