Threat Actors Exploit Adobe's Creative Cloud

Entrepreneurs using Adobe Creative Cloud as a part of their organizational operations need to guard against a new cyberattack model employed by threat actors. Other loopholes call for more robust countermeasures even when deploying adequate phishing solutions. Malicious actors are leveraging the popular application, Adobe Creative Cloud, to dispatch malicious links to users that seem legitimate. Failure to have robust email phishing protection mechanisms in place would compromise your credentials.

Global organizations extensively use Adobe Creative Cloud, the popular collection of apps for designing images, videos, and the web. With the security of your organizational data at stake, it makes sense to seek anti-phishing solutions. Given that financial organizations continue to be the top target of adversaries, it’s time to take adequate countermeasures.

The New Attack Model

Threat actors are heavily exploiting the popularity of the software suite to bypass solutions that ensure email security. This attack is a relatively more straightforward mechanism for the adversaries to steal user credentials. Experts at Avanan detected the security breach last December, where they noticed that potential attackers created Adobe accounts to carry out malicious activities. Once they come up with the account, they import a file in PDF format in the storage of Adobe Cloud. This file contains links leading to websites they use to steal user credentials.

As the attackers shared the files using Adobe Creative Cloud, the malicious links appeared legitimate to the victims. Moreover, the new attack model has been designed to bypass the ATP (Advanced Threat Protection) and other security measures. This explains why your organization needs the best phishing protection tools to weed out malicious links.

How Does The Campaign Work?

Cybersecurity experts who have been closely monitoring the malicious activities shared specific screenshots outlining how the attackers carry out the campaign. It appears that the perpetrators sent a PDF file titled ‘Closing.pdf‘ from Adobe. The recipient comes across an option labeled ‘Open,’ thinking that they can open the file. However, the file doesn’t work as per the victim’s expectations. Instead, they get redirected to the Adobe Document Cloud page.

Here, they find the option to ‘Access Document.’ However, the link will take the user to the page where the malicious actors steal their credentials. This page lies outside the Adobe Suite, and the organization ends up compromising its data. In a nutshell, the adversaries deploy this model to dispatch various documents that resemble the original ones from Adobe Cloud. Eventually, unsuspecting users end up being victims of malicious activities. Hence, businesses need to have powerful phishing protection tools and anti-ransomware solutions to draw their defensive line against the threat.

Adobe – A Repeated Threat Target and Vulnerability Source

The current attack on Adobe Creative Cloud has not been the only vulnerability incident associated with Adobe products. There have been other similar episodes of compromise with the software giant earlier. Two noteworthy incidents within the past few years occurred in 2019 and 2013, respectively. A brief description follows:

ElasticSearch Database Error Affecting 7.5 Million Users

In the incident reported in October 2019 by security researchersBob Diachenko and Comparitech, information such as last login time, country of origin, and account creation date of 7.5 million Adobe users allegedly remained exposed for a week. Though the situation did not reveal other critical information such as credit card details, such incidents could easily lead to phishing scams. They warrant serious thought as to how to stop phishing emails permanently.

Breach On Adobe Compromising 38 Million Accounts

This attack by malicious actors involving extensive user data compromise in October 2013 was reported by KrebsonSecurity. It exposed around 38 million users’ login information and 3 million credit card details besides the source code of multiple Adobe products. The victims were not users of a particular Adobe product. They could have been spread over various Adobe products, including Creative Cloud, Acrobat, Reader, Photoshop, etc. However, Adobe claimed that exposed credit card details were in encrypted condition.

Such incidents must constantly remind users that even giant software providers are not free from vulnerabilities, despite the highest security measures. It only emphasizes utmost caution by users and organizations using such products in security awareness and periodically examining and updating the security level of safeguards implemented.

What Can Organizations Do To Mitigate Risk?

As an organizational head, you must know how to stop phishing emails associated with such threats. Here are some effective measures that can work.

It makes sense to leverage your email phishing protection as a primary measure. You may consult experts to have the best phishing protection software in place.
Secondly, organizations need to train their employees on countering such new attack models. Given that human errors lead to 95% of security breaches, you can improve your security mechanism by adequately training your employees.
Close examination of the email content would also work in your favor. Before clicking on any document or link or furnishing your credentials, check the format and spellings in the message for possible errors.
AI-driven analysis in advanced anti-phishing tools is anticipated to be the next big thing to counter such threats.
Opening the PDF files in the sandbox would also work, and you need to scrutinize all the incoming links for malicious threats.
Resetting your password frequently would rule out a possible credential theft.

Final Words

Phishing still remains a critical attack vector in the continually expanding digital space. The current vulnerability of Adobe’s Creative Cloud, besides its earlier vulnerability episodes, further demonstrates the value of investing in employee training and integrating advanced anti-phishing solutions to combat threats. Forward-thinking enterprise leaders have collaborated with cybersecurity experts to keep phishing attempts at bay. As an enterprise owner with concern, it makes sense to draw your line of defense before it is too late.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Threat Actors Exploit Adobe’s Creative Cloud