Menu Close

Chinese Hackers exploiting Internet Explorer Zero Day vulnerability for Cyber Espionage

 

Author : Mohit Kumar on 12/29/2012 03:37:00 AM

 

Chinese Hackers exploiting Internet Explorer Zero Day vulnerability for Cyber Espionage

Web site for the Council on Foreign Relations was compromised and recently hit by a drive-by attack that was detected earlier this week. Hacker are suspected to be from China , who are exploiting a zero day  Internet Explorer vulnerability for Cyber Espionage attack against one of American most elite foreign policy web groups.

According to Fireeye researchers, a malicious content on the website was hosted by hackers, that is exploiting Internet Explorer version 8.0 (fully patched version) to hack windows systems of visitors. “We have chosen not to release the technical details of this exploit, as Microsoft is still investigating the vulnerability at this time.
Once the system compromised, hackers look for valuable information from their computers, kinda Cyber Espionage. The FBI was notified of the attack and is said to be investigating. The CFR is one of the most elite foreign policy organizations in the United States with a membership of some 4,700 officials, former officials, journalists, and others. Its members include NBC anchor Brian Williams, Hollywood actress Angelina Jolie, and former Sen.
Firm also confirm that the malicious code was planted on the server using Mandarin Chinese language. In description parameter of MD5 of malicious files, they found simplified Chinese <文件说明> , that translates to <File Description>.
china
The securty specialists believe the attackers either removed their malicious software to prevent further details of the attack from being discovered, or CFR was able to isolate the software and remove it.
A similar Internet Explorer vulnerability was behind the major Aurora cyber attack on Google and other U.S. corporations that began in 2009 and was traced to China’s government.
David Mikhail, a Council on Foreign Relations spokesman, “The Council on Foreign Relations’ website security team is aware of the issue and is currently investigating the situation,” “We are also working to mitigate the possibility for future events of this sort.

About Author:

Photo Mohit (Mobile) aka ‘Unix Root’  is Founder and Editor-in-chief  of ‘The Hacker News’. He is a Security Researcher and Analyst, with experience in various aspects of Information Security. His editorials always get people thinking and participating in the new and exciting world of cyber security. Other than this : He is an Internet Activist, Strong supporter of Anonymous & Wikileaks. His all efforts are to make internet more Secure. Follow him @ Twitter | LinkedIn |   | Email | Facebook Profile

%d bloggers like this: