
Polyclinic Of Russian Presidential Administration Suffers Zero-Day Attack

One of the polyclinics of the Presidential Administration of Russia suffered an APT attack at the end of November, after victims received a lure document that exploited an Adobe Flash zero-day (CVE-2018-15982) to download malware with self-destruction functions. The polyclinics mainly serve civil servants of the highest authorities of the Russian Federation and high-profile figures from the science and art sectors. The sensitive nature of the polyclinic and its patients, together with the timing of the attack shortly after the recent Kerch Strait incident between Ukraine and Russia, suggests that the attack could be highly targeted with political undertones.

[1] Operation Poison Needles - APT Group Attacked the Polyclinic of the Presidential Administration of Russia, Exploiting a Zero-day

Ensign InfoSecurity Singapore