IE Zero-Day Vulnerability Being Exploited by APT Malware
Qihoo 360, a security company in China, recently uncovered a new kind of malware circulating on the Web that exploits a zero-day vulnerability in Internet Explorer (IE) to plant a backdoor Trojan on Windows computers.
The attack doesn't require end-users to be working in IE, since the malicious web page arrives embedded in a contaminated Office file. Zero-day flaws are the worst flaws known: hackers exploit them even before the software company realizes they exist.
Qihoo 360 observes that when a potential victim opens the file, all of the exploit code and its malicious payload are loaded from a remote server. In its later stage, the attack uses a publicly available UAC bypass technique, together with file steganography and in-memory reflective loading, to evade traffic monitoring and to load without writing files to disk.
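A defender can triage incoming Office files for the behaviour described above, namely content fetched from a remote server when the document is opened. The following is an added example, not code from Qihoo 360 or from the original article. It assumes an OOXML package (.docx, .xlsx, .pptx) that references remote content through an external relationship; the article does not say which Office format or embedding mechanism the attackers used, and RTF or legacy binary files need a different parser. The sample document and the `example.test` URLs are constructed.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

REL_XMLNS = "http://schemas.openxmlformats.org/package/2006/relationships"
REL_TAG = "{" + REL_XMLNS + "}Relationship"
REL_TYPE_BASE = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/"
# Ordinary hyperlinks are only followed when the user clicks them, so they
# are excluded; every other external relationship type is reported.
CLICK_ONLY = {"hyperlink"}


def remote_references(doc_bytes):
    """Return sorted (part, rel_type, target) tuples for external
    relationships in an OOXML package, ignoring click-only hyperlinks."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(doc_bytes)) as pkg:
        for part in pkg.namelist():
            if not part.endswith(".rels"):
                continue
            # For untrusted files in production, use a hardened XML parser
            # such as defusedxml instead of the stdlib parser.
            root = ET.fromstring(pkg.read(part))
            for rel in root.iter(REL_TAG):
                rel_type = rel.get("Type", "").rsplit("/", 1)[-1]
                if rel.get("TargetMode") == "External" and rel_type not in CLICK_ONLY:
                    hits.append((part, rel_type, rel.get("Target", "")))
    return sorted(hits)


def build_sample(external=()):
    """Constructed test input: a minimal package whose document part has one
    internal relationship plus the given (type, target) external ones."""
    rels = [f'<Relationship Id="rId1" Type="{REL_TYPE_BASE}styles" Target="styles.xml"/>']
    for i, (rel_type, target) in enumerate(external, start=2):
        rels.append(f'<Relationship Id="rId{i}" Type="{REL_TYPE_BASE}{rel_type}" '
                    f'Target="{target}" TargetMode="External"/>')
    xml = f'<Relationships xmlns="{REL_XMLNS}">{"".join(rels)}</Relationships>'
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as pkg:
        pkg.writestr("word/_rels/document.xml.rels", xml)
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_sample([("hyperlink", "http://www.example.test/"),
                           ("oleObject", "http://files.example.test/page.html")])
    for hit in remote_references(sample):
        print(hit)
```

A hit is a reason to inspect the file in a sandbox, not proof of malice: linked templates and linked images also appear as external relationships.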
Zero-day bugs are among the greatest threats that developers encounter. "Zero-day vulnerabilities" are flaws that hackers find and abuse before the software firm is able to release a relevant security patch, Komando.com reported in a post dated April 23, 2018.
Cyber attackers are currently spreading malicious Office files to plant malware and backdoor Trojans on Windows PCs. The tainted files are said to abuse a previously unknown flaw of the "double kill" type that affects IE along with all applications that rely on the browser.
In Qihoo 360's judgment, an APT (advanced persistent threat) gang is likely waging the assaults. The gang is highly organized in executing hacks, with the key objectives of stealing data, intentionally damaging critical infrastructure and stealthily disrupting businesses through focused assaults. While APT gangs generally work under state sponsorship, it isn't yet clear whether the present assaults have any political motivation or are associated with cyber espionage.
It seems an APT gang is carrying out the attack worldwide. Unfortunately, end-users have little choice other than following the long-standing security practices of keeping software and operating systems up to date, ensuring enough malware protection is in place, and not opening files of uncertain origin.
» SPAMfighter News - 27-04-2018