In recent years, American and British companies have been hacked through a Java vulnerability that Oracle had already patched in 2011. The attackers behind the attacks also sent zip files containing malware to their victims, Dell SecureWorks announced.
To attack the companies through the old Java vulnerability, the attackers hacked some 100 websites that were visited by employees. These were websites of major production companies, the Washington DC embassies of countries in the Middle East, Europe and Asia, and non-governmental organizations (NGOs). To ensure that only the right companies were attacked, the attackers used a whitelist: the visitor's IP address determined whether a user was attacked via the Java vulnerability.
The group is also said to have attacked other known vulnerabilities for which patches were available, but the Java vulnerability is said to have been particularly popular. Once access to an employee's machine had been obtained, a JBoss vulnerability from 2010 was used to redirect the browsers of other users to the attack code, so that the attackers gained access to other systems.
Social Engineering
Besides attacking known vulnerabilities, the attackers also used social engineering. Targeted emails with a zip file attached were sent to targets. The zip file contained both legitimate files and malware. One of the zip files, for example, contained a PDF file, an image, and the malware, which was disguised as a file. Because Windows does not display file extensions by default, users in this case did not see that the "picture", for instance, ended in .exe.
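A defender-side check for the disguise described above, as an added example that is not part of the original article: it lists zip members that Windows would run as programs even though the displayed name looks like a document or picture. The extension lists, function names, sample file names and the double-extension naming are assumptions made for this example.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Extensions Windows runs on double-click (partial list, assumed for this example).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
# Extensions a user would take for a harmless document or picture (assumed).
DECOY_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".docx"}


def flag_disguised_members(zip_bytes):
    """Return {member name: [reasons]} for members that would run as programs."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            suffixes = [s.lower() for s in PurePosixPath(info.filename).suffixes]
            final = suffixes[-1] if suffixes else ""
            with archive.open(info) as member:
                is_pe = member.read(2) == b"MZ"  # DOS/PE header magic
            reasons = []
            if final in EXECUTABLE_EXTS:
                reasons.append("executable extension " + final)
                # With extensions hidden, "photo.jpg.exe" is displayed as "photo.jpg".
                if len(suffixes) > 1 and suffixes[-2] in DECOY_EXTS:
                    shown = info.filename[: -len(final)]
                    reasons.append("double extension, displayed as " + shown)
            if is_pe and final not in EXECUTABLE_EXTS:
                reasons.append("PE header behind a " + (final or "missing") + " extension")
            if reasons:
                findings[info.filename] = reasons
    return findings


def build_sample_zip():
    """Constructed sample: harmless bytes shaped like the archive the article describes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("agenda.pdf", b"%PDF-1.4 constructed sample")
        archive.writestr("venue.png", b"\x89PNG\r\n\x1a\n constructed sample")
        archive.writestr("group_photo.jpg.exe", b"MZ constructed sample, not a program")
    return buf.getvalue()


if __name__ == "__main__":
    for name, reasons in flag_disguised_members(build_sample_zip()).items():
        print(name, "->", "; ".join(reasons))
```

A mail gateway or triage script can call `flag_disguised_members` on each zip attachment and quarantine any message for which it returns findings.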
According to Dell, the attackers were targeting defense companies and were looking for information on US defense projects. Companies and organizations in other sectors, however, were also targeted. How many companies the attackers were able to compromise was not disclosed.