Printed from http://www.electronista.com

US Radiation health site involved in Chinese 'watering hole' attack

updated 10:58 am EDT, Sat May 4, 2013

Attack targeted nuclear weapons workers accessing health information

A US Department of Labor website tailored for nuclear weapons researchers has been compromised, redirecting visitors to a series of alternative websites. If the accessor was using Windows XP and Internet Explorer 8, the culmination of the attack inserted the "Poison Ivy" malware onto the computer, giving access to the user's data by "DeepPanda", a group of hackers believed to be located in China.

Microsoft has confirmed the code execution flaw in Internet Explorer 8. The ultimate fix for the issue is migration to a newer version of the browser, all that have fixes for the flaw. If an upgrade isn't possible, Microsoft advises users to set Internet and local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones, and to configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and local intranet security zones. Both settings would require "white listing" trusted sites.

"For users of IE8, there is no patch currently available and with this exploit being out in the wild, the potential risk for damage is high" said researchers from security firm Invincea in an initial report on Wednesday.

The webpages that were affected provided information on illnesses suffered by personnel developing atomic weapons, making it a likely target for a "watering hole" attack. The websites have since been repaired, and law enforcement is looking into the matter.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Advertisement

Recent Reviews

Moshi iVisor AG and XT for iPad Air 2

Have you ever tried to put in a screen protector that relies on static to cling to the screen? How many bubbles and wrinkles does it h ...

Epson PowerLite Home Cinema 3500 projector

Trying to find the perfect projector for a home theater can be tricky, as there are bountiful options on the market from a large numbe ...

Thecus N2310 NAS

For every computer user, there comes a point of critical mass in data storage. When it hits, external hard drives, USB sticks and DVD ...

Advertisement

toggle

Most Commented

 
toggle

Popular News