Windows Zero-Day Used in Targeted Attack

Wednesday, January 8, 2014 @ 02:01 PM gHale

When it comes to security, one lesson to remember is to install patches as soon as possible.

That lesson comes after at least 28 embassies located in a Middle Eastern capital city were targeted in a sophisticated cyber operation that leveraged a newly discovered security hole in Windows XP and Server 2003.

The Zero Day, which affects the kernel component of the Windows operating systems, was brought to the forefront by Microsoft in late November 2013.

Shortly after, security researchers from Trend Micro came across a malicious PDF file that exploited the vulnerability in order to deliver a backdoor.

After further analysis, Trend Micro researchers found the exploit surfaced in an attack targeted at the embassies. The attackers had sent malicious emails with an attachment that referenced the Syrian conflict. The attachment was actually a backdoor detected as BKDR_TAVDIG.GUD.

Trend Micro said it is difficult to determine who is behind the attack. However, the sophistication and the resources possessed by the attackers suggest they are above the typical everyday bad guys.
