Another phishing scam is making the rounds disguised as an Adobe security alert.

The emails exploit a recently uncovered vulnerability in the Flash software often used by web browsers to view video and feature an “important Flash update” subject line.

Volexity founder Steven Adair discovered the flaw which is based on the released data from the hack on the Team Hacking. The data included the source code for Team Hacking’s spy tools and the details of the vulnerabilities they exploit.

Adair explained in a threat advisory: "The attackers launched spoofed email messages purporting to be from Adobe. The email messages references an Adobe Flash update and encourages the recipients to click a link to download and install the update."

The link in the email, if clicked, installs data stealing malware on the victim machine using the Flash flaw.

This latest flaw is considered one of the most dangerous according to Volexity. The new attacks are believed to stem from a well known Advanced Persistent Threat (APT) group known as Wekby.

APT is a term used in the security community to refer to particularly advanced and dangerous hacker cartels.

Source: BusinessInsider