Cybercriminals attack IE vulnerabilities
Wednesday, February 18, 2009
An IE exploit has been found in the wild that takes advantage of one of the two fixed vulnerabilities fixed by Microsoft last week in its monthly release of security patches.
The exploit exists thanks to a cybercriminal reverse engineering the security patch and creating malware that is sent via email, SCMagazineus.com reports.
A Word document containing code regarding the way IE7 handles types of content is sent in an email, according to the article. The code has an ActiveX object that accesses a website containing a downloader, which takes advantage of the vulnerability.
Users who open the attachment will install a backdoor trojan onto their machines, which is capable of communicating from a SSL encryption with a third-party server as it collects sensitive date from the user.
According to some security officials, the malware appears to have originated in China and has claimed an Asian journalist as a victim.
The timing of the attack, a week after security patches were released, may be an emerging trend among cybercriminals to bank on the fact users and organizations do not apply critical security patches in a timely manner.
Initially, this is how the Conficker, also known as Downadup, worm began.
Related News:
Conficker still a threat to web security - 3.18.2010
The Conficker worm was by far the most notorious piece of malware in 2009 for several reasons. Not only did it receive media attention and infect more computers than any other strain, according to Katonda, a business technology website, it reminded web security professionals of bygone days when major epidemics were the norm.
Network security update not responsible for crashes - 2.24.2010
Reports of the so-called "blue screen of death" following the installation of the latest Microsoft security update are the result of malware, not a defect in the update.
Botnets and Chuck Norris take aim at network security - 2.22.2010
Last week, word spread of the Kneber botnet compromising more than 2,000 computers worldwide. With the start of a new week comes more malware attacks plaguing the web community. The so-called "Chuck Norris" botnet is attacking routers and DSL modems by guessing commonly used passwords.
Web security company warns of scareware's risk - 2.19.2010
The rise in scareware attacks and cyber criminal behavior in general forced DynaSis, an IT services company, to issue a warning to its users about the threat of fake anti-virus software infecting their computers on Friday.
Age-old trick with brand-new target - 1.18.2010
Cyber criminals have turned to a scam from the early days of the internet to target the growing smartphone market: Trojan phone dialers.
|
