Usually, the Adobe Flash Player is described as a vulnerability due to its security flaws and the fact that Adobe doesn’t patch them as fast as they should.
The latest news which Reuters has just reported is that Adobe allows hackers to install malware on your PC. The malicious software was found by Kaspersky Lab and it is called FinSpy or FinFisher, which is usually used for surveillance by law enforcement agencies.
According to the experts, the malware installed via the Adobe Flash vulnerability affects all unpatched Linux, Mac, Chrome OS and Windows computers.
The Kaspersky Lab security report states that the company was actively tracking a hacker group called BlackOasis, which managed to plant the malicious software on computers via the security vulnerability in the Adobe Flash Player plugin, before connecting those computers back to servers in Netherlands, Switzerland, or Bulgaria.
BlackOasis is using FinSpy to target United Nations officials and Middle Eastern politicians, as well as regional news correspondents, activists, and opposition bloggers. Nevertheless, victims of the hacker group are already registered in the UK, Russia, Africa, Iraq, Iran, and Afghanistan.
Earlier this year, Adobe Systems said that they would put their vulnerable Adobe Flash Player plugin to sleep for good more than two years from now, in 2020. However, until that time, users will continue to be vulnerable to cyber attacks and malware like FinSpy. Thus, the Adobe team should make efforts to keep its software constantly updated.
The company has already released a security update to fix the issue letting hackers install malicious software, which affected the popular Google Chrome, Microsoft Edge, and Internet Explorer web browsers. Nevertheless, users should also make sure that they keep their apps and operating systems updated at all times.