Red October attacks also used Java exploit, according to researchers

Red October attacks also used Java exploits to spread, according to researchers.

@tracehagan
Published Tue, Jan 15 2013 3:11 PM CST   |   Updated Tue, Nov 3 2020 12:25 PM CST

The Red October cyberespionage attacks were thought to have relied solely on Excel and Word exploits, but new data from a different set of researchers suggests that a Java exploit was also used to spread the infection. Israeli IT security firm Seculert was analyzing the command and control (C&C) servers for the attack and found a special folder containing a malicious Java applet.


The applet exploited a vulnerability that was patched back in October 2011, which suggests that the attackers preferred older, known vulnerabilities over zero-day ones. The applet was compiled in February 2012, which supports this theory. The discovery is credited to the attackers' switch from the PHP server-side scripting language to CGI on the C&C servers.

They left up older PHP-based attack pages, which allowed the source code to be viewed. Full analysis is now impossible as the attackers have shut the C&C servers down, likely to cover their tracks.

NEWS SOURCE: news.idg.no

Trace is a starving college student studying Computer Science. He has a love of the English language and an addiction for new technology and speculation. When he's not writing, studying, or going to class, he can be found on the soccer pitch, both playing and coaching, or on the mountain snowboarding.
