A government-aligned attacker tried using a Microsoft vulnerability to attack U.S. and E.U. government targets.
Researchers have added state-sponsored hackers to the list of adversaries attempting to exploit Microsoft’s now-patched Follina vulnerability. According to researchers at Proofpoint, state-sponsored hackers have attempted to abuse the Follina vulnerability in Microsoft Office, aiming an email-based exploit at U.S. and E.U. government targets via phishing campaigns.
Proofpoint researchers spotted the attacks and believe the adversaries have ties to a government, which it did not identify. Attacks consist of campaigns targeting victims U.S. and E.U. government workers. Malicious emails contain fake recruitment pitches promising a 20 percent boost in salaries and entice recipients to download an accompanying attachment.
In a Twitter-based statement, Sherrod DeGrippo, vice president of threat research at Proofpoint, said about 10 Proofpoint customers had received over 1,000 such messages.
The malicious attachment targets the remote code execution bug CVE-2022-30190, dubbed Follina.