Snowman Attack Campaign Targets IE10 Zero-Day Bug

Military personnel appear to be the targets of watering-hole attacks from a hacked VFW website

Beware of a new watering-hole attack that targets a zero-day vulnerability in Internet Explorer 10. News of the vulnerability first surfaced Thursday, when security firm FireEye warned that, beginning on Tuesday, it had spotted drive-by attacks launched from the US Veterans of Foreign Wars (VFW) Website. FireEye said its been working with Microsoft to investigate the attacks.
The gang behind what FireEye has dubbed the Operation Snowman attack campaign appears to have hacked into the VFW Website and altered its HTML code, including introducing JavaScript that creates a malicious iFrame that targets a never-before-seen use-after-free bug in the IE10 browser. The bug allows the attackers to bypass two defensive technologies -- address space layout randomization (ASLR) and data execution prevention (DEP) -- that are meant to lock down the browser against these types of attacks.
If the attack is successful, the malicious JavaScript routine loads a Flash object that drops a payload, which downloads a ZxShell backdoor onto the targeted PC. Those looking after IE10 users may want to keep an eye on their proxy logs for the follow-on download as a potential indicator of the attack, said SANS Internet Storm Center handler Chris Mohan in a blog post.
Read the full article
here
.
Have a comment on this story? Please click Discuss below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Snowman Attack Campaign Targets IE10 Zero-Day Bug