Summary: Kaspersky Labs has identified a complex cyber-espionage campaign named Operation ForumTroll, utilizing a new Google Chrome zero-day exploit (CVE-2025-2783) initiated through spear-phishing emails. The attack required no additional action from victims once they accessed the malicious link, with the exploit bypassing Chrome’s sandbox protections. This operation is believed to be conducted by a state-sponsored APT group targeting Russian media, educational institutions, and government organizations.
Affected: Kaspersky Labs, Google Chrome users
Keypoints :
- Operation ForumTroll targets victims through spear-phishing emails posing as legitimate invitations.
- The exploit allowed attackers to bypass Chrome’s sandbox protections without any apparent malicious activity.
- A fix for the vulnerability was rapidly issued by Google after its discovery was reported by Kaspersky.
- The attack signifies a high-level espionage operation, with indications of its state-sponsored nature.
- Cybersecurity professionals are advised to update Chrome and strengthen email filtering measures.