Friday, August 18, 2017
Home / Malware / Recent IE Zero-Day attacks lead to the Elderwood group, Symantec states

Recent IE Zero-Day attacks lead to the Elderwood group, Symantec states

Symantec has talked about the recent IE zero-days being utilized in their research paper about the Elderwood Project. The paper highlights a string of watering hole attacks by the Elderwood group. After revisiting those previous attacks, they’ve been capable to support that this latest Internet Explorer zero-day is a sequel of the Elderwood Project.

Symantec reported, in May 2012, Amnesty International’s Hong Kong website was compromised and utilized to dish out a malicious SWF file that exploited  , a vulnerability affecting Internet Explorer. Some months later in September, the same group behind that attack was responsible for utilizing another IE zero-day, CVE-2012-4969.

Then last month, the website for Council for Foreign Relations, a US-based think tank, was compromised to serve CVE-2012-4792, the IE bug Microsoft warned about last week. But that wasn’t the only site serving this vulnerability, according to the firm.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Exploit Kit activity on a steep decline since April

As malware writers are moving to Neutrino and RIG exploit kits (EK) for dispersal needs, security experts …