Attacker have used security hole in Internet Explorer 8 to install
spyware on computers of employees of the nuclear weapons research
program of the U.S. Department of Energy, reported the website Nextgov.
First attacker infected an unsafe website of the U.S. Department of
Labor then the employees of the nuclear weapons research program
infected from infected website.
The Trojan is a variant of the Poison Ivy toolkit that has been modified so that only a few antivirus programs can detect it.
There is no evidence internal Labor data and services were
manipulated or lost, according to agency officials. "The department will
continue the investigation and will ensure that appropriate precautions
and safeguards remain in place to protect our information and
information systems",read Nextgov
The Trojan horse is use a command-and-control protocol similar to
that which has already been used by the alleged Chinese hacker group
Deep Panda.
Microsoft has confirmed the vulnerability in Internet Explorer 8 and
said there is not a patch and recommends a Windows update to newer
versions of Internet Explorer
No comments:
Post a Comment