Russian hacking group RomCom are taking advantage of vulnerabilities found in Windows and Mozilla products to silently install malware.

Russian-based RomCom cybercrime group chained two zero-day vulnerabilities in recent attacks targeting Firefox and Tor Browser users across Europe and North America.

The Russia-aligned RomCom gang exploited the vulnerabilities to target hundreds of Firefox users across Europe and North America.

RomCom exploits Firefox and Windows zero-day flaws to deliver malware via fake websites in Europe and North America.

ESET Research details the analysis of a previously unknown vulnerability in Mozilla products exploited in the wild and another previously unknown Microsoft Windows vulnerability, combined in a zero-click exploit.

The no-click exploit launched in October infected computers in Europe and North America with the RomCom backdoor when victims were redirected through attacker-controlled websites.

Russia-backed hackers, known as RomCom, have exploited critical zero-day vulnerabilities in Mozilla Firefox and Windows to launch targeted attacks

Russian hackers seen exploiting two zero-days to deploy backdoors against victims in Europe and North America.