In a report from ITWorld, the code used late last year to attack Google in China has now been made public on the internet, and has already been used in at least one hacking tool since its release.
On Thursday the code was submitted for analysis on the Wepawet malware analysis web site, which made it available around the internet. Shortly after the codes release it was integrated into one hacking tool available online, and could be seen around the internet said Dave Marcus, director of security research and communications at McAfee.
The exploit, which uses a security flaw in Internet Explorer 6 is very easily reproducible on a machine running Windows XP, even if fully up to date. The malicious code could also be modified to work on more recent versions of Internet Explorer, Marcus went on to say. The code could be used to run unauthorized software on a compromised computer by fooling them into viewing a maliciously coded webpage.
The same exploit was allegedly used to attack Google and 33 other companies in December last year and gain access to internal data and systems. According to Symantec and Juniper Networks who performed an independant investigation, Yahoo was also attacked using the flaw.
On Thursday, Microsoft issued a security advisory on the IE flaw and may release an out of cycle patch to fix the problem. The next relase of security patches is not until February 9th, giving hackers up to three weeks to further use the exploit, although security researchers have said that it is very hard to perform the attack on Windows 7 or Vista machines due to the advanced memory protection.
The flaw is so easily exploited that Germany's federal IT security agency, the Federal Office for Information Security advised users to avoid Internet Explorer until the exploit is patched.
25 Comments - Add comment