Friday, April 25, 2025

APT Cyber Attack Using Unpatched Internet Explorer Zero-Day to Hack Windows Computers


An APT group is exploiting an unpatched Internet Explorer zero-day vulnerability to compromise Windows computers.

The group delivers the browser exploit inside a malicious MS Office document, which triggers the vulnerability on the victim's PC when the file is opened.

Attackers use a range of advanced techniques to compromise victims and plant backdoors in their networks, and zero-day vulnerabilities are especially valuable to them because they allow sophisticated attacks to be carried out at scale before any patch exists.


Security researchers from Qihoo 360 Core Security have already revealed that they uncovered an IE zero-day vulnerability embedded in a malicious MS Office document, used by a known APT actor to target a limited set of users.

Internet Explorer Zero-Day “double kill” Exploit 

The zero-day, which Qihoo 360 calls "double kill", is delivered through a weaponised Office document and affects the latest versions of Internet Explorer as well as any application that uses the IE kernel (the IE rendering engine) to display web content.

The malicious Office document is distributed via spam email and other online channels; the victim is tricked into opening it, which eventually infects the targeted computer.

After successful exploitation on the Windows machine, the attacker implants a backdoor Trojan or even takes full control of the computer.

The attack works by embedding a malicious web page in the Office document. When the victim opens the document, the exploit code and the malicious payload are loaded from a remote server.
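The delivery mechanism described above, a document that pulls remote web content the moment it is opened, is something you can check for before a user ever opens the file. The script below is an added example, not code from the article or from Qihoo 360: it unzips an Office Open XML document and lists relationship entries whose target is an external http/file/UNC location of a type Word resolves automatically (OLE objects, frames, images, attached templates), while ignoring plain hyperlinks that need a click. The assumption that the lure uses such a relationship, the `attacker.invalid` URL and the two sample documents are all constructed for illustration; the article does not say which embedding technique the group used.

```python
"""Flag .docx files whose relationships point at remote, auto-loaded content.

Added example (not from the article or Qihoo 360). Assumption: the lure
embeds its web page through an external relationship in the package; the
sample documents below are constructed in memory so the script runs offline.
"""
import io
import re
import zipfile
import xml.etree.ElementTree as ET

REL_NS = "http://schemas.openxmlformats.org/package/2006/relationships"
OFFICE_REL = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/"

# Relationship types Word resolves automatically when the document is opened.
# Hyperlinks are deliberately excluded: they require a click.
AUTO_LOAD_TYPES = {
    OFFICE_REL + "oleObject",
    OFFICE_REL + "frame",
    OFFICE_REL + "image",
    OFFICE_REL + "attachedTemplate",
}
# Targets that leave the machine: web URLs, file:// URLs and UNC paths.
REMOTE = re.compile(r"^(https?://|file://|\\\\)", re.I)


def external_targets(docx_bytes):
    """Return (rels_part, relationship_type, target) for every External relationship."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as z:
        for name in z.namelist():
            if not name.endswith(".rels"):
                continue
            root = ET.fromstring(z.read(name))
            for rel in root.iter(f"{{{REL_NS}}}Relationship"):
                if rel.get("TargetMode") == "External":
                    hits.append((name, rel.get("Type"), rel.get("Target")))
    return hits


def suspicious(docx_bytes):
    """External targets that Word would fetch on open and that point off-host."""
    return [
        (part, rtype.rsplit("/", 1)[-1], target)
        for part, rtype, target in external_targets(docx_bytes)
        if rtype in AUTO_LOAD_TYPES and REMOTE.match(target or "")
    ]


def build_sample(document_rels_xml):
    """Construct a minimal .docx in memory (constructed sample, not a real lure)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml",
                   '<?xml version="1.0"?><Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types"/>')
        z.writestr("_rels/.rels",
                   f'<Relationships xmlns="{REL_NS}"><Relationship Id="rId1" '
                   f'Type="{OFFICE_REL}officeDocument" Target="word/document.xml"/></Relationships>')
        z.writestr("word/document.xml", "<document/>")
        z.writestr("word/_rels/document.xml.rels", document_rels_xml)
    return buf.getvalue()


# Constructed relationship parts: one mimicking a lure, one benign.
LURE_RELS = f'''<Relationships xmlns="{REL_NS}">
  <Relationship Id="rId1" Type="{OFFICE_REL}styles" Target="styles.xml"/>
  <Relationship Id="rId2" Type="{OFFICE_REL}oleObject" Target="http://attacker.invalid/lure.html" TargetMode="External"/>
  <Relationship Id="rId3" Type="{OFFICE_REL}hyperlink" Target="https://example.com/" TargetMode="External"/>
</Relationships>'''

CLEAN_RELS = f'''<Relationships xmlns="{REL_NS}">
  <Relationship Id="rId1" Type="{OFFICE_REL}styles" Target="styles.xml"/>
</Relationships>'''


if __name__ == "__main__":
    for label, rels in (("lure", LURE_RELS), ("clean", CLEAN_RELS)):
        print(label, suspicious(build_sample(rels)))
```

Run it as a pre-open triage step, or point `suspicious()` at the bytes of a quarantined attachment. It covers only Office Open XML packages; a legacy binary .doc lure needs an OLE2 parser such as oletools, and an empty result does not prove a file is safe, since exploit content can also arrive through macros or an object stored inside the package rather than fetched from a URL.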

According to a report posted on Weibo, the later stages of the attack use public UAC bypass techniques, and rely on file steganography and reflective in-memory loading to evade network traffic monitoring and to deliver payloads without writing them to disk.


The "double kill" exploit runs silently: the malicious web page is rendered in the background when the document is opened, and the attack program executes without any visible indication to the user.

Qihoo 360 Core Security has warned users not to open Office documents from unknown sources, and has reported the details of the browser zero-day to Microsoft.

Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.
