A zero-day vulnerability in the Microsoft graphics component allows attackers to install malware via infected Word documents and targets Microsoft Office users running Windows Vista and Windows Server 2008.
FireEye, as confirmed by the post title, believes that the IE zero-day exploit could be used for a watering hole attack intended to hit groups of individuals of specific interest to the attackers.
"As the payload was not persistent, the attackers had to work quickly, in order to gain control of victims and move laterally within affected organizations," said the company. The hackers are also employing novel methods to frustrate forensic investigation techniques.
- State-sponsored attacks that limit the targeted audience in order to remain under cover. State-sponsored attacks could be linked to government units or to groups of cyber mercenaries, as in the case of the Icefog team discovered by the Kaspersky Lab team.
- Malware-based attacks conducted by cyber criminals for testing purposes. The malicious code is hosted on a breached website visited by a limited portion of Internet users; in this way the attackers retrieve important information to improve the malicious agent so that it avoids detection by security firms.