IE Zero-Day Served by DeputyDog Cybercriminals from US Veterans of Foreign Wars Site


Connections between the SnowMan, DeputyDog, and Ephemeral Hydra campaigns

A sophisticated group of cybercriminals, the same one that previously conducted the DeputyDog and Ephemeral Hydra campaigns, is using an Internet Explorer zero-day in a new operation dubbed SnowMan.

Security researchers from FireEye have spotted the zero-day exploit, which impacts IE 9 and 10, on the website of the US Veterans of Foreign Wars (vfw.org). Experts believe that this is part of an attack targeting US military personnel.

The cybercriminals behind this attack are known for targeting high-profile organizations. They’ve previously attacked US government entities, defense industrial base companies, law firms, Japanese companies, and NGOs. They’ve also targeted IT and mining companies, mostly by relying on remote access Trojans (RATs).

Microsoft has confirmed the existence of the exploit. The company advises customers to update Internet Explorer to version 11 to protect themselves against such attacks.

Additional technical details on the IE zero-day exploit and the SnowMan campaign are available on FireEye’s blog.
