Adobe confirms it was also hit in ‘Operation Aurora’ Google hack

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

At almost the same time as Google was telling the world that attacks it believed to have originated from China had targeted its systems, Adobe made a brief statement saying that it too had been on the receiving end of a “sophisticated, co-ordinated attack”.

Adobe attack statement

Presently it is not believed that any customer, financial, employee or any other sensitive data was compromised during the attack, which Adobe became aware of on January 2nd.

According to the company – which makes the ubiquitous PDF reader and Flash plug-in software used by many millions of computers around the world – other unnamed companies were also affected by the attack, which has been dubbed “Operation Aurora” by security experts.

Sign up to our free newsletter.
Security news, advice, and tips.

There has been some confusion (documented by Brian Krebs on his blog) about whether the Adobe attack was connected with the targeted attack on Google that has made front page headlines around the globe.

Initially, Adobe’s spokesperson Wiebke Lips told Krebs that it was “just a bad coincidence” that news of the Google and Adobe attacks came out on the same day.

However, the charmingly-monikered Ms Lips subsequently did an about-face telling ComputerWorld that the incidents were related after all.

Speculation is sure to grow in the computer security community that the attackers were using boobytrapped PDF files that exploited unpatched zero-day vulnerabilities in Adobe Reader to gain control over corporate computers.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.