Attackers exploiting a zero-day vulnerability CVE-2013-3893 in Microsoft’s Internet Explorer browser and served
them on compromised popular Japanese news websites.
According to FireEye, at least three major Japanese media websites were compromised in watering hole attacks,
dubbed Operation DeputyDog, appears to target manufacturers, government entities and media organizations in
Japan.
The compromised sites recorded more than 75,000 page views before the exploits were discovered. The zero-day
vulnerability in IE 8 and 9 allows the stealthy installation of software in the users’ computers which then can be
remotely accessed by the hackers.
The hackers typically use Trojans designed specifically for a pay-to-order attack to steal intellectual property.
Researchers saw a payload executable file used against a Japanese target posing as an image file hosted on a
Hong Kong server.
The attack in Japan was discovered two days after Microsoft disclosed the flaw ,“The exploit was attacking a Use
After Free vulnerability in IE’s HTML rendering engine (mshtml.dll) and was implemented entirely in Javascript (no
dependencies on Java, Flash etc.), but did depend on a Microsoft Office DLL which was not compiled with ASLR
(Address Space Layout Randomization) enabled,” Microsoft Security Advisory.
Featured News
Hacking Facebook Account with
just a text message
iPhone's iOS 7 Lockscreen hack allows to
bypass Security
Newsletter Signup
Enter Email address... Subscribe
+1,028,000 102,000
Follow
194,500

IT Security festival

Presentations, workshops, product demos! Check our site for details
Download Free
Software
mobogenie.com/download-software
Download Free PC Manager
Software. Easy File Transfer.
Download Now !
Penetration Testing
Become a Cyber Warrior
Change your IP free
Download Password
Manager
F5 Training
Ultimate Sensitivity
Find Your Publisher UK
Buffer 0 Reddit 3 2 83 32 Like 39 4