RomCom Hackers Exploit Firefox and Windows Zero-Days in Cyberattacks

TL;DR Summary
The Russia-aligned threat actor RomCom has exploited zero-day vulnerabilities in Mozilla Firefox and Microsoft Windows to deliver a backdoor on victim systems. The vulnerabilities, CVE-2024-9680 in Firefox and CVE-2024-49039 in Windows, allow for zero-click code execution and privilege escalation, respectively. RomCom used a fake website to redirect victims to a server hosting the malicious payload, leading to the installation of RomCom RAT. The attacks primarily targeted users in Europe and North America, highlighting RomCom's sophisticated cybercrime and espionage capabilities.
- RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks (The Hacker News)
- RomCom exploits Firefox and Windows zero days in the wild (We Live Security)
- Firefox and Windows zero-days exploited by Russian RomCom hackers (BleepingComputer)
- Zero-day, zero-click vulnerabilities in Mozilla and Windows exploited by Russia-aligned RomCom APT (SecurityInfoWatch)
- RomCom hackers chained Firefox and Windows zero-days to deliver backdoor (Help Net Security)