Symantec has talked about the recent IE zero-days being utilized in their research paper about the Elderwood Project. The paper highlights a string of watering hole attacks by the Elderwood group. After revisiting those previous attacks, they’ve been capable to support that this latest Internet Explorer zero-day is a sequel of the Elderwood Project.
Symantec reported, in May 2012, Amnesty International’s Hong Kong website was compromised and utilized to dish out a malicious SWF file that exploited , a vulnerability affecting Internet Explorer. Some months later in September, the same group behind that attack was responsible for utilizing another IE zero-day, CVE-2012-4969.
Then last month, the website for Council for Foreign Relations, a US-based think tank, was compromised to serve CVE-2012-4792, the IE bug Microsoft warned about last week. But that wasn’t the only site serving this vulnerability, according to the firm.