Tech content trusted by users in North America and around the world
7,027 Reviews & Articles | 50,107 News Posts
Weekly Giveaway: Win a ZOTAC SONIX PCIe 480GB SSD (Global Entry!)

Red October attacks also used Java exploit, according to researchers

Red October attacks also used Java exploits to spread, according to researchers
| Hacking & Security News | Posted: Jan 15, 2013 9:11 pm

The Red October cyberespionage attacks were thought to have used Excel and Word exploits solely, but new data by a different set of researchers suggest that a Java exploit was also used to spread the infection. Israeli IT security firm Seculert was analyzing the Command and Control servers for the attack and found a special folder containing a malicious Java applet.

 

red_october_attacks_also_used_java_exploit_according_to_researchers_1

 

The applet used an exploit that was patched back in October 2011, which suggests that the attackers preferred older, known vulnerabilities and not zero-day ones. The applet was compiled in February 2012, which furthers this theory. This discovery is being credited to the fact that the attackers switched from a PHP server-side scripting language to CGI on the C&C servers.

 

They left up older PHP-based attack pages, which allowed the source code to be viewed. Full analysis is now impossible as the attackers have shut the C&C servers down, likely to cover their tracks.

NEWS SOURCES:News.idg.no

Related Tags

Got an opinion on this news? Post a comment below!
loading