Exploits greeting users at foreign policy, human rights sites

Powered by SC Magazine
 

A host of websites, including the US-based Center for Defense Information, have been compromised with malicious code in order to target and infect visitors.

Cyber espionage malware writers are taking advantage of two recently publicized vulnerabilities -- one in Java and the other in Flash -- to hit unsuspecting visitors to human rights, military research and foreign government sites with drive-by exploits.

As of Monday, Amnesty International Hong Kong, the U.S.-based Center for Defense Information and the Cambodian Ministry of Foreign Affairs were still serving malware, according to a Tuesday blog post from the nonprofit Shadowserver Foundation and written by researchers Steven Adair and Ned Moran.

The adversaries are alternating between foisting fresh exploits that take advantage an Adobe Flash bug, for which an emergency patch was issued May 4, and an Oracle Java hole, plugged in February. The Center for Defense Information, founded in 1972, has been compromised to point users to the Flash exploit.

"Visiting these websites can initiate a chain reaction in which malicious code is loaded from multiple websites and results in a system compromise for vulnerable systems without other mitigating factors," the post said. In other words, users don't have to take any action for their machines to become compromised.

The Israel-based International Institute for Counter-Terrorism and Institute for National Security Studies, in addition to the Brussels, Belgium-based Centre for European Policy Studies also have been infected with malicious IFRAMEs and JavaScript.

"In recent months we have continued to observe 0-day vulnerabilities emerging following discovery of their use in the wild to conduct cyber espionage attacks," the post said. "Frequently by the time a patch is released for the vulnerabilities, the exploit has already been the wild for multiple weeks or months -- giving the attackers a very large leg up. Individuals and organizations must keep their software patched and updated as frequently as possible."

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition


 
 
 
Top Stories
Business-focused Windows 10 brings back the Start menu
Microsoft skips 9 for the "greatest enterprise platform ever".
 
Feeling Shellshocked?
Stay up to date with patching for the Bash bug.
 
Amazon forced to reboot EC2 to patch Xen bug
Rolling restarts over next week.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  66%
 
Advanced persistent threats
  4%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  12%
TOTAL VOTES: 1371

Vote