Tuesday, June 18, 2024

APT Cyber Attack Using Unpatched Internet Explorer Zero-Day to Hack Windows Computers

Cyber Criminals behind the APT attack using an Internet Explorer Zero-Day vulnerability to compromise the windows based computers.

An APT hacking group using MS Office document attack using the browser 0day vulnerability exploit this vulnerability on victims PC.

Cyber Criminals using variously advanced techniques to compromise the victims and execute the backdoor into their network and zero-day vulnerabilities are big fish for Malicious hackers to perform sophisticated cyber attacks in wide.

Already Security researchers from Security Qihoo 360 Core revealed that they uncovered an IE 0day vulnerability has been embedded in malicious MS Office document, targeting limited users by a known APT actor.

Internet Explorer Zero-Day “double kill” Exploit 

An office document abused by cyber criminals and distributed this Zero-day vulnerability called “double kill”  to exploit latest versions of Internet Explorer and applications that use the IE kernel.

A Malicious office document distributed via spam email and other online media to reach the victims and tricked them to open the document leads to eventually infect the targetted computer.

Eventually, attacker implanted in the backdoor Trojan or even full control of the computer after the successful execution of windows based computers.

Mainly hackers using malicious embedded web page implement this APT attack to delivering an Office document and once the victims open the document, exploit code and malicious payload are loaded through the remote server.

According to weibo Report, The late exploit phase of the attack uses public UAC bypass techniques and uses file steganography and memory reflection loading to avoid traffic monitoring and fileless downloads.

If You can understand this Image language then you can help us to translate for other readers

Cybercriminals silently executing this Internet Explorer Zero-Day “double kill” vulnerability and run the malicious web page and background and execute an attack program.

Qihoo 360 Core already warned that users to not open office documents from unknown sources and they reported to Microsoft the details of the browser’s 0day vulnerability

Website

Latest articles

Singapore Police Arrested Two Individuals Involved in Hacking Android Devices

The Singapore Police Force (SPF) has arrested two men, aged 26 and 47, for...

CISA Conducts First-Ever Tabletop Exercise Focused on AI Cyber Incident Response

On June 13, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) made history by...

Europol Taken Down 13 Websites Linked to Terrorist Operations

Europol and law enforcement agencies from ten countries have taken down 13 websites linked...

New ARM ‘TIKTAG’ Attack Impacts Google Chrome, Linux Systems

Memory corruption lets attackers hijack control flow, execute code, elevate privileges, and leak data.ARM's...

Operation Celestial Force Employing Android And Windows Malware To Attack Indian Users

A Pakistani threat actor group, Cosmic Leopard, has been conducting a multi-year cyber espionage...

Hunt3r Kill3rs Group claims they Infiltrated Schneider Electric Systems in Germany

The notorious cybercriminal group Hunt3r Kill3rs has claimed responsibility for infiltrating Schneider Electric's systems...

Hackers Employing New Techniques To Attack Docker API

Attackers behind Spinning YARN launched a new cryptojacking campaign targeting publicly exposed Docker Engine...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles