SINGAPORE - A cyber security team in Singapore has uncovered a large-scale online phishing campaign exploiting a security flaw in Adobe Flash Player.
Cyber security firm FireEye said in a statement that its team in Singapore uncovered the attack earlier this month. The attack, by a China-based threat group in the last several weeks, targets organisations in the aerospace and defence, high tech, telecommunications, construction and engineering, and transportation industries.
FireEye called the threat group responsible, APT3 or UPS, "one of the more sophisticated threat groups" that it tracks.
Adobe has released a patch for the security flaw on Tuesday (June 23), which FireEye recommended that users update to as soon as possible.
FireEye said that the phishing e-mail messages used in the attack were "extremely generic in nature, almost appearing to be spam". Clicking on the links in the e-mail messages will redirect users to compromised servers.