CyberWisdom Safe Harbor Commentary on Unpatched Internet Explorer Zero-Day to Hack Windows Computers
An APT group is using malicious MS Office documents to exploit a browser 0day vulnerability on victims' PCs.
Cybercriminals use various advanced techniques to compromise victims and plant backdoors in their networks, and zero-day vulnerabilities are an important means for malicious hackers to conduct extensive cyber attacks.
Security researchers from Qihoo 360 Core Security revealed that they discovered an IE 0day vulnerability embedded in malicious MS Office documents, used by a known APT actor against a limited number of users.
360 Core Security
We have discovered that an IE 0day vulnerability has been embedded in a malicious MS Office document targeted at a limited number of known APT actor users. Detailed report to MSRC @msftsecresponse
Internet Explorer Zero Day Double Kill Vulnerability
Cybercriminals abused an Office file to distribute an exploit for a zero-day vulnerability called “Double Kill”, which affects the latest version of Internet Explorer and applications that use the IE kernel.
The malicious Office files are distributed through spam emails and other online media to trick victims into opening the document, eventually causing the target computer to become infected.
After successfully exploiting a Windows-based computer, the attacker implants a backdoor Trojan and can even take complete control of the computer.
The attacker carries out this APT attack primarily by delivering Office documents with embedded malicious web pages; once the victim opens the document, the exploit code and malicious payload are loaded from a remote server.
According to Weibo, the late stage of the attack uses a public UAC bypass technique, together with file steganography and reflective memory loading, to avoid traffic monitoring and file downloads.
The Internet Explorer zero-day “Double Kill” exploit runs silently: it loads the malicious web pages in the background and executes the attack program.
Qihoo 360 Core Security has warned users not to open Office documents from unknown sources and has reported the details of the browser 0day vulnerability to Microsoft.