Bad Guys Gain Info from Old Exploit

Wednesday, January 16, 2013 @ 02:01 PM gHale

Knowing users fail to update their installations, cybercriminals will always jump at the chance to take advantage of the vulnerabilities and that is why a 5-year-long cyber espionage campaign at one point was using an old Java exploit to push malware.

This revelation came out after Kaspersky Labs earlier this week unveiled the espionage program dubbed operation Red October that was tracking and following governments and other orgranizations.

‘Security Incident’ at Algeria Gas Field
India: Cyber Attacks Widespread
DHS: Infrastructure Attacks on Rise
Grid Vulnerable to Attack
Agencies Join in Security Plan
Security Legislation a Must: NSA Chief

Kaspersky experts have said the cybercriminals are leveraging vulnerabilities in Microsoft Word and Excel to push malware onto their victims’ computers.

However, according to Seculert, back in February 2012, they relied on an older Java vulnerability (CVE-2011-3544).

“In this vector, the attackers sent an email with an embedded link to a specially crafted PHP web page. This webpage exploited a vulnerability in Java, and in the background downloaded and executed the malware automatically,” the Seculert researchers said.

Oracle patched the security hole abused by this exploit back in October 2011, but the attackers utilized it in February 2012. This shows cybercriminals often make use of known vulnerabilities, knowing that users fail to update their installations.

Leave a Reply

You must be logged in to post a comment.