Exploits greeting users at foreign policy, human rights sites

Powered by SC Magazine
 

A host of websites, including the US-based Center for Defense Information, have been compromised with malicious code in order to target and infect visitors.

Cyber espionage malware writers are taking advantage of two recently publicized vulnerabilities -- one in Java and the other in Flash -- to hit unsuspecting visitors to human rights, military research and foreign government sites with drive-by exploits.

As of Monday, Amnesty International Hong Kong, the U.S.-based Center for Defense Information and the Cambodian Ministry of Foreign Affairs were still serving malware, according to a Tuesday blog post from the nonprofit Shadowserver Foundation and written by researchers Steven Adair and Ned Moran.

The adversaries are alternating between foisting fresh exploits that take advantage an Adobe Flash bug, for which an emergency patch was issued May 4, and an Oracle Java hole, plugged in February. The Center for Defense Information, founded in 1972, has been compromised to point users to the Flash exploit.

"Visiting these websites can initiate a chain reaction in which malicious code is loaded from multiple websites and results in a system compromise for vulnerable systems without other mitigating factors," the post said. In other words, users don't have to take any action for their machines to become compromised.

The Israel-based International Institute for Counter-Terrorism and Institute for National Security Studies, in addition to the Brussels, Belgium-based Centre for European Policy Studies also have been infected with malicious IFRAMEs and JavaScript.

"In recent months we have continued to observe 0-day vulnerabilities emerging following discovery of their use in the wild to conduct cyber espionage attacks," the post said. "Frequently by the time a patch is released for the vulnerabilities, the exploit has already been the wild for multiple weeks or months -- giving the attackers a very large leg up. Individuals and organizations must keep their software patched and updated as frequently as possible."

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition


 
 
 
Top Stories
Photos: iTnews Benchmark Awards countdown begins
Just a few days left until entries close for 2014.
 
Australian Govt to rethink cyber security strategy
Six-year old policy to be refreshed.
 
The failure of the antivirus industry
[Blog post] Insights from AVAR 2014.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  38%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  21%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  5%
TOTAL VOTES: 1068

Vote