Hackers used previously unknown Internet Explorer flaw in new attacks

SAN FRANCISCO Fri Feb 14, 2014 7:01am IST

The Microsoft logo is seen on the wall of the company's branch in Prague March 17, 2013. REUTERS/David W Cerny/Files

The Microsoft logo is seen on the wall of the company's branch in Prague March 17, 2013.

Credit: Reuters/David W Cerny/Files

Related Topics

Stocks

   

SAN FRANCISCO (Reuters) - A previously unknown flaw in a recent version of Microsoft Corp's (MSFT.O) Internet Explorer web browser is being used to attack Internet users, including some visitors to a major site for U.S. military veterans, researchers said Thursday.

Security firm FireEye Inc (FEYE.O) discovered the attacks against IE 10 this week, saying that hundreds or thousands of machines have been infected. It said the culprits broke into the website of U.S. Veterans of Foreign Wars and inserted a link that redirected visitors to a malicious web page that contained the infectious code in Adobe Systems Inc's (ADBE.O) Flash software.

FireEye researcher Darien Kindlund said that the attackers were probably seeking information from the machines of former and current military personnel and that the campaign shared some infrastructure and techniques previously attributed to groups in mainland China.

He said planting backdoors on the machines of VFW members and site visitors to collect military intelligence was a possible goal.

A VFW spokeswoman didn't immediately respond to requests for comment.

A Microsoft spokesman said the company was aware of the "targeted" attacks and was investigating. "We will take action to help protect customers," said spokesman Scott Whiteaker.

The latest version of the browser is IE 11, which is unaffected, and a Microsoft security tool called the Enhanced Mitigation Experience Toolkit also protects users who have installed that.

Previously unknown flaws in popular software are a key weapon for hackers and are sold by the researchers who discover them for $50,000 or more, brokers say.

They are most often bought by defense contractors and intelligence agencies in multiple countries, but some of the best-funded criminal groups buy them as well.

(Editing by Cynthia Osterman)

FILED UNDER:
Comments (0)
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.

  • Most Popular
  • Most Shared

APPLE

A shattered large glass panel, part of Apple's cube store on Fifth Avenue, damaged from the results of the snowstorm on Tuesday is seen in New York, January 22, 2014. REUTERS/Shannon Stapleton/Files

Apple e-book settlement gets court nod

Apple Inc won preliminary court approval for its $450 million settlement of claims it harmed consumers by conspiring with publishers to raise e-book prices. In approving the accord, U.S. District Judge overcame concerns she had expressed over a settlement provision allowing Apple to pay just $70 million if related litigation were to drag out.  Full Article 

Reuters Showcase

Patent Battles

Patent Battles

Microsoft sues Samsung in U.S. over patent royalties.  Full Article 

Facebook Back Up

Facebook Back Up

Facebook restores service after outage in many countries.  Full Article 

LinkdIn Growth

LinkdIn Growth

LinkedIn's hiring business seen key to growth  Full Article 

HP Settlement

HP Settlement

Hewlett-Packard to pay $32.5 million to settle USPS pricing case  Full Article 

Digital Teleporting

Digital Teleporting

Film world's cast of toys teleport into digital playground   Full Article 

China Hacking?

China Hacking?

Hacking attack in Canada bears signs of Chinese army unit - expert  Full Article 

P2i IPO

P2i IPO

Start-up behind 'dunkable' phone technology explores Asian IPO  Full Article 

BBM for Windows

BBM for Windows

BlackBerry opens up BBM to Windows phone users  Full Article 

Reuters India Mobile

Reuters India Mobile

Get the latest news on the go. Visit Reuters India on your mobile device.  Full Coverage