Hackers used previously unknown Internet Explorer flaw in new attacks

FireEye Labs today discovered a new zero-day vulnerability in Internet Explorer 9 and Internet Explorer 10 being exploited on the US Veteran of Foreign Wars website (VFW). No user interaction is required: just visiting a compromised website is enough to trigger a classic drive-by download attack, download and install a payload from a remote server.

Dubbed "Operation Snowman," the campaign - believed to be operating out of China - is similar to Operation DeputyDog and Operation Ephemeral Hydra, both of which used zero-day flaws to deliver remote access trojans in order to hit strategically important targets.

"It's a brand new zero day that targets IE 10 users visiting the compromised website - a classic drive-by download attack," the firm said. "Upon successful exploitation, this zero-day attack will download [an] XOR encoded payload from a remote server, decode and execute it."

The hackers may have been aiming to compromise service members visiting the site, according to the manager of threat intelligence for FireEye. The VFW has 1.4 million members, including 75,000 still on active duty, according to its website.

Read more -here-

• Tesla recalls new Cybertrucks over accelerator hazard
• Comcast rolls out 'Now' prepaid phone and internet plans
• Logitech adds ChatGPT button to hardware
• Boston Dynamics retires its hydraulic humanoid robot Atlas
• Microsoft starts testing ads in the Windows 11 Start menu
• Apple warns of iPhone 'mercenary spyware attack' across 92 countries