IE Zero-Day Served by DeputyDog Cybercriminals from US Veterans of Foreign Wars Site

Connections between the SnowMan, DeputyDog, and Ephemeral Hydra campaigns

A sophisticated group of cybercriminals, the ones who have previously conducted the DeputyDog and Ephemeral Hydra campaigns, are using an Internet Explorer zero-day in a new operation dubbed SnowMan.

Security researchers from FireEye have spotted the zero-day exploit, which impacts IE 9 and 10, on the website of the US Veterans of Foreign Wars ( Experts believe that this is part of an attack targeting US military personnel.

The cybercriminals behind this attack are known for targeting high-profile organizations. They’ve previously attacked US government entities, defense industrial base companies, law firms, Japanese companies, and NGOs. They’ve also targeted IT and mining companies, mostly by relying on remote access Trojans (RATs).

Microsoft has confirmed the existence of the exploit. The company advises customers to update Internet Explorer to version 11 to protect themselves against such attacks.

Additional technical details on the IE zero-day exploit and the SnowMan campaign are available on FireEye’s blog.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s