TweakTown
Tech content trusted by users in North America and around the world
5,673 Reviews & Articles | 36,064 News Posts
Weekly Giveaway: Fractal Design Arc Cases Contest (Global Entry!)

Red October attacks also used Java exploit, according to researchers

Red October attacks also used Java exploits to spread, according to researchers

| Hacking & Security News | Posted: Jan 15, 2013 9:11 pm

The Red October cyberespionage attacks were thought to have used Excel and Word exploits solely, but new data by a different set of researchers suggest that a Java exploit was also used to spread the infection. Israeli IT security firm Seculert was analyzing the Command and Control servers for the attack and found a special folder containing a malicious Java applet.

 

TweakTown image news/2/7/27880_1_red_october_attacks_also_used_java_exploit_according_to_researchers.jpg

 

The applet used an exploit that was patched back in October 2011, which suggests that the attackers preferred older, known vulnerabilities and not zero-day ones. The applet was compiled in February 2012, which furthers this theory. This discovery is being credited to the fact that the attackers switched from a PHP server-side scripting language to CGI on the C&C servers.

 

They left up older PHP-based attack pages, which allowed the source code to be viewed. Full analysis is now impossible as the attackers have shut the C&C servers down, likely to cover their tracks.

NEWS SOURCE
News.idg.no

Related Tags

Further Reading: Read and find more Hacking & Security news at our Hacking & Security news index page.

Do you get our news RSS feed? Get It!

Post a Comment about this news

Latest Tech News Posts

View More News Posts

Latest Downloads

View More Latest Downloads

TweakTown Web Poll

Question: Did EA kill the Battlefield franchise with the terrible BF4 issues?

Yes, Battlefield is doomed

No, Battlefield will live on strong

I'm not sure, but I know EA needs to improve its game

or View the Results

View More Polls

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases
Get TweakTown updates via Facebook!
Just click the "Like" button below