The Hacker News

on Tuesday, 24 September 2013
 

 

The Hacker News
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers // via fulltextrssfeed.com

Internet Explorer zero-day exploit used watering hole attacks to target Japanese users
9/24/2013 2:02:00 PM

Attackers exploiting a zero-day vulnerability CVE-2013-3893 in Microsoft's Internet Explorer browser and served them on compromised popular Japanese news websites.
According to FireEye, at least three major Japanese media websites were compromised in watering hole attacks, dubbed Operation DeputyDog, appears to target manufacturers, government entities and media organizations in Japan.
The compromised sites recorded more than 75,000 page views before the exploits were discovered. The zero-day vulnerability in IE 8 and 9 allows the stealthy installation of software in the users' computers which then can be remotely accessed by the hackers.

The hackers typically use Trojans designed specifically for a pay-to-order attack to steal intellectual property. Researchers saw a payload executable file used against a Japanese target posing as an image file hosted on a Hong Kong server.

The attack in Japan was discovered two days after Microsoft disclosed the flaw ,"The exploit was attacking a Use After Free vulnerability in IE's HTML rendering engine (mshtml.dll) and was implemented entirely in Javascript (no dependencies on Java, Flash etc.), but did depend on a Microsoft Office DLL which was not compiled with ASLR (Address Space Layout Randomization) enabled," Microsoft Security Advisory.

FireEye also claimed the group responsible for DeputyDog is the same one that compromised security firm Bit9 back in February 2013. FireEye did not disclose which sites were infected, but said that Japanese computer security authorities were working with the media outlets to remediate the issue.

Microsoft released a FixIt tool and urged IE users to install that as a mitigation until a patch was ready.

Author details

photo of Mohit Kumar

aka 'Unix Root' is Founder and Editor-in-chief of 'The Hacker News'. He is a Security Researcher and Analyst, with experience in various aspects of Information Security. Other than this : He is an Internet Activist, Strong supporter of Anonymous & Wikileaks. Follow him @ Twitter | LinkedIn | | | Facebook Profile

Latest Hacking News Updates

 

You are receiving this email because you subscribed to this feed at feedmyinbox.com

If you no longer wish to receive these emails, you can unsubscribe from this feed, or manage all your subscriptions

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)