The vulnerability was used in the wild against PyBitmessage v0.6.2 users. According to vendor's notice, Bitmessage developer Peter Šurda's Bitmessage addresses were compromised as well by the attackers.
KR-CERT reported in the wild exploitation of zero-day vulnerability in the latest version of Adobe Flash Player. According to the South Korean Computer Emergency Response Team (KR-CERT), the exploit has being used in the wild since mid-November 2017.
Security experts for FireEye linked the vulnerability to the hacking group TEMP.Reaper. The IP-addresses from which attacks were connected with the C&C-servers belong to the Internet provider Star JV - a joint venture of North Korea and Thailand.
Cisco Talos observed use of vulnerability in attacks conducted by Group 123.
According to FireEye, after successful exploitation of the vulnerability the system is infected with DOGCALL malware.
Cisco Talos specialists also reported cyberattacks using the malicious software, which they called Rokrat.
Satori botnet, Mirai malware
The vulnerability has been used in Satori attacks against Huawei's router model HG532. The most targeted countries include the United States, Italy, Germany, and Egypt.
Vulnerability scanning SaaS service is online 3-rd generation vulnerability scanner with scheduled assessments and vulnerability subscription. You can use service to check security of your network perimeter.