A few days ago, AlienVault Labs reported that the U.S. Department of Labor website had been hacked and was redirecting visitors to a malware page. In their report, they said the exploit used in the attack was CVE-2012-4792.
After further analysis, security researchers discovered that the vulnerability exploited in the cyber attack wasn’t CVE-2012-4792 but a new zero-day affecting Internet Explorer 8.
The CVE identifier CVE-2013-1347 has been assigned to this new IE vulnerability. Microsoft noted that Internet Explorer 6, IE7, IE9, and IE10 are not affected by the vulnerability.
“U.S. Department of Labor website wasn’t the only entity affected and we can confirm that at least 9 other websites were redirecting to the malicious server at the same time,” AlienVault reports.
According to their report, the cyber attack targeted websites belonging to several non-profit groups and institutes, as well as a big European company that operates in the aerospace, defence and security markets.
Invincea’s founder Anup Ghosh told NextGov that the “target of the attack are [Energy Department] folks in a watering hole style attack compromising one federal department to attack another”.