
Chinese Hackers exploiting Internet Explorer Zero Day vulnerability for Cyber Espionage

The website of the Council on Foreign Relations was compromised and recently hit by a drive-by attack that was detected earlier this week. The hackers are suspected to be from China and are exploiting a zero-day Internet Explorer vulnerability in a cyber espionage attack against one of America's most elite foreign policy web groups.

According to FireEye researchers, malicious content hosted on the website by the hackers exploits Internet Explorer version 8.0 (fully patched version) to hack the Windows systems of visitors. "We have chosen not to release the technical details of this exploit, as Microsoft is still investigating the vulnerability at this time."

Once a system is compromised, the hackers look for valuable information on the visitors' computers, a kind of cyber espionage. The FBI was notified of the attack and is said to be investigating. The CFR is one of the most elite foreign policy organizations in the United States, with a membership of some 4,700 officials, former officials, journalists, and others. Its members include NBC anchor Brian Williams, Hollywood actress Angelina Jolie, and former Sen.

The firm also confirmed that the malicious code was planted on the server using the Mandarin Chinese language. In the description parameter of the MD5 of the malicious files, they found the simplified Chinese <文件说明>, which translates to <File Description>.
The security specialists believe the attackers either removed their malicious software to prevent further details of the attack from being discovered, or CFR was able to isolate the software and remove it.

A similar Internet Explorer vulnerability was behind the major Aurora cyber attack on Google and other U.S. corporations that began in 2009 and was traced to China’s government.

David Mikhail, a Council on Foreign Relations spokesman, said, “The Council on Foreign Relations’ website security team is aware of the issue and is currently investigating the situation,” adding, “We are also working to mitigate the possibility for future events of this sort.”
