The zero-day vulnerability in Internet Explorer for which Microsoft Tuesday an emergency patch released is used to infect visitors of an evangelical church in Hong Kong with malware. Attackers had placed an iframe on the denomination's website, which visitors sent by unnoticed to a website with an exploit. This exploit took advantage of the vulnerability that was present in IE7 to IE11.
In the case the attack was successful Korplug the malware was installed, says Symantec. Korplug is a Trojan horse designed to steal information. Through the malware attackers full control over the computer. According to anti-virus company, there was a so-called "watering hole" attacks, where attackers hacking websites which potential targets already visit on its own. In this way, the attackers do not have phishing emails to be sent, so that the longer attack may go unnoticed. In giving the emergency patch Microsoft had already indicated that the leak was actively attacked.
No comments:
Post a Comment