Russian Hackers Exploit Windows 10/11 and Firefox Vulnerabilities in Widespread Attacks
A recent report published by Slovak cybersecurity firm ESET has revealed that the suspected Russian hacker group RomCom is actively exploiting vulnerabilities in Windows 10/11 and the Firefox browser to launch widespread attacks.
Given the initial timeline of these attacks, security researchers have cautiously classified them as zero-day exploits. Although these vulnerabilities have since been patched, the hackers had successfully exploited them before the fixes were implemented.
Previously, RomCom also targeted the Japanese electronics manufacturer Casio, deploying ransomware. When Casio refused to pay the ransom, the hacking group leaked various sensitive internal data on the internet.
Returning to the ESET security report, upon discovering the attack activities and exploited vulnerabilities, researchers responsibly notified the Mozilla Foundation. The very next day, on October 9, Firefox released a new version that addressed the vulnerabilities.
RomCom used these vulnerabilities to install malware on targeted computers almost entirely without user interaction, so the malicious software was installed without the users' awareness. This software then continuously monitors the user in the background.
The vulnerabilities in Windows 10/11 were patched in a security update released on November 12. Users can therefore protect themselves from these attacks by making sure they are running the latest version of Firefox and have installed the latest security updates for Windows 10/11.
The dual approach of RomCom, engaging in both ransomware attacks and targeted attacks, is somewhat perplexing. Typically, the former is motivated by financial gain, while the latter has surveillance objectives. It is relatively rare for hacker groups to engage in both types of "business" simultaneously.
Users interested in learning more can view Microsoft's vulnerability report at: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49039