IE Zero-day Assaults Mostly Target Chinese PCs
MMPC, the Microsoft malware Protection Center, has released the data according to which, Chinese and Korean computer users were the most severely affected online population because of the new surge in zero-day malware assaults exploiting vulnerability within Internet Explorer (IE).
The assaults, which were initially detected on March 9, 2010, involved backdoor programs and Trojan downloaders that allowed computer hackers to gain complete control over compromised systems. Software Company Microsoft released a security patch for the IE flaw, which was rated critical, on March 30, 2010. This was done following the spike in attacks as the attack code became public.
MMPC asserted that around 50 countries were chosen as targets. Of these, China and Korea had the greatest numbers of targeted PCs, while USA stood third although with a far fewer targets. As per the assessment made by Microsoft, Chinese computers were subject to 80% of the total assaults. Conversely, 11% of the attacks targeted South Korean computers and merely 5% aimed at American computers.
Notably, Symantec substantiated the figures that Microsoft released, though the company slightly deviated in the description of the target rates. According to a Symantec spokesman, the number of attacks in China is about tenfold that of Korea, while that in Korea, about identical the number in USA, according to the news published by ComputerWorld on April 1, 2010. The spokesman added that the number of assaults within other countries is seemingly 10% of that in USA.
Besides, according to MMPC, the attack scenario intensified soon as proof-of-concept became public that also was confirmed functional via public exploit testing kit. Moshe Ben Abu, an Israeli researcher, used evidence from McAfee's blog and established a working assault based on the widely known Metasploit testing tool for open-source penetration, according to the news published by ComputerWorld on April 1, 2010.
Reportedly, MMPC listed a minimum of 6 Trojan variants associated with the current attacks and stated that with the release of the patch, the attack expectedly would subside. Likewise, according to Symantec's Stewart, Just like the lifecycle pattern observed for most security flaws, it can be anticipated that the threat situation will calm down as updates and safeguards are issued and adopted.
Related article: IE & Gmail Show Up with Alarming Vulnerabilities
» SPAMfighter News - 12-04-2010