MNKit usage links three cyber-espionage campaigns
http://i1-news.softpedia-static.com/images/fitted/340x180/exploit-generator-kit-shows-links-between-three-chinese-cyberespionage-campaigns.png
Jul 1, 2016 10:35 GMT · By Catalin Cimpanu An analysis of the MNKit exploit generator shows a connection between three cyber-espionage campaigns believed to originate from China.
MNKit is a software package with a limited circulation that can embed exploit code inside Office files in order to create custom malware.
This malware builder is specially adapted to create malicious MHTML files that take advantage of CVE-2012-0158, a five-year old vulnerability in the MS Office suite that leads to remote code execution on targeted systems.
Palo Alto Networks researchers say they've identified malware used in three different cyber-espionage campaigns that was generated with this toolkit, leading them to believe that the same group may be behind all three attacks.
Full Article