MyBestRatedWebHosting's MBRW Second Semi-Annual 2011 Hosting Award has been officially announced! Save yourself time and money by reading our detailed review and learn who received the final award of the industry's best web host!

Recently Patched Internet Explorer Bug is Exploited in a Wave of Attacks

Recently Patched Internet Explorer Bug is Exploited in a Wave of Attacks

On the 20th of January, 2010, the first known attack to exploit a newly patched Internet Explorer bug occurred. Late in the afternoon on Wednesday, the Symantec’s Security Response team started noticing a lot of websites being victimized by the exploit, which flawlessly targets Internet Explorer 6 browser being run in Windows XP.

The Exploit

“The exploit works by force installing a Trojan that bypasses several security measures and grants hackers complete access to the victimized computer,” stated Josh Talbot, a Symantec intelligence manager. Once the Trojan has successfully gained access to the PC, it sends an email notification to the hackers to let them know the computer has been compromised. Although the attack began on Wednesday, it continued to affect websites for several days thereafter, and by noon the next there were hundreds of website hosting the malicious code. Most of the websites hosting this code were on free hosted domains or domains the hackers had setup themselves.

History and Solution

Surprisingly, the very same Internet Explorer IE bug was exploited in December of 2009 to compromise the security of the Google corporation’s network, and has even been traced to similar situations at thirty three other corporations, including Adobe Systems. Microsoft has assured the public that the threat no longer exists however, as they corrected the security flaw in the early hours of Thursday morning. Although the original exploit targeted the IE 6 browser, hackers have also learned out how to use it with later versions of Internet Explorer as well. Although these later exploitations do not seem to have been used in the recent IE 6 attacks, states Talbot.

Cause for Concern?

This exploit poses a serious security concern, as Internet Explorer 6 is still very widely used in many households, and it appears that modern hackers are now focusing more on widespread attacks instead of isolated exploits. Talbot has this to say about the situation – “It may be an indication that attackers have finally ramped up their attack toolkits and are now ready to launch widespread attacks”. Talbot believes the perpetrators are luring traffic towards their website through the use of spam and other viral bum marketing methods such as instant messaging. In fact, the next day Websense even published a few example emails showing how the attackers formatted the emails that attracted visitors to the code-bearing site. The emails were sent by spoofed email addresses that appear to be familiar to the victim, and contained a link to the attack site.

Could This Be Technical Warfare?

Patrik Runald, a security research manager for Websense stated these emails have also been delivered to targeted corporations in the United States and the United Kingdom as well. Runald had this to say about the situation – “These attacks are actually continuing; they happened today; they happened yesterday and they happened the day before.” Some internet security experts think that this recent wave of systematic and strategically targeted attacks are a part of a organized technical espionage campaign that some say could be originating from China.

Related Articles

  • Top Three Reasons Not to Use Internet Explorer
  • Be Aware of IFrame Malware
  • Be Sociable, Share!
    « »

    Submit your Review