New IE8 Zero-day was used in the DOL Watering Hole attack

A Few days ago Alienvault Labs reported the U.S Department of Labor website was hacked and redirects to the malware page.  In their report, they mentioned the exploit used in the attack was CVE-2012-4792.

After further analysis security researchers have discovered the vulnerability exploited in the cyber attack wasn’t CVE-2012-4792 but a new zero-day affecting Internet Explorer 8.

CVE identifier CVE-2013-1347 has been assigned for this new IE vulnerability. Microsoft noted that Internet Explorer 6, IE7, IE9, and IE10 are not affected by the vulnerability.
“U.S Department of Labor website wasn’t the only entity affected and we can confirm that at least 9 other websites were redirecting to the malicious server at the same time” AlienVault reports.

According to their report, the cyberattack targets the websites belong to several non-profit groups and institutes as well as a big european company that plays on the aerospace, defence, and security markets.

Invincea’s founder Anup Ghosh told NextGov that the “target of the attack is [Energy Department] folks in a watering hole style attack compromising one federal department to attack another”.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Read More

Suggested Post