Researchers at FireEye have exposed two new zero-day vulnerabilities in Microsoft’s Internet Explorer’s 7, 8, 9 and 10 versions that run on Windows XP or Windows 7 OS.
Hackers claimed to have inserted the zero-day vulnerability into a strategically vital website, which is famous for drawing visitors interested in national and international security policy.
According to the security firm, the nature of the undisclosed site hints that the cyber criminals are targeting specific people or businesses and suggests that government spying could be behind the attack.
Researchers said that a new IE zero-day exploit has been identified, which has been used in a strategic web compromise.
"Specifically, the attackers inserted this zero-day exploit into a strategically important website, known to draw visitors that are likely interested in national and international security policy," researchers said.
"We have identified relationships between the infrastructure used in this attack and that used in Operation DeputyDog."
Dubbed ‘the diskless 9002 RAT,’ the new Trojan appears to be an improved version of earlier malware initially discovered in September, which used another IE vulnerability and targeted organisations in Japan.
"Furthermore, the attackers loaded the payload used in this attack directly into memory without first writing to disk – a technique not typically used by advanced persistent threat (APT) actors," researchers added.
"This technique will further complicate network defenders’ ability to triage compromised systems, using traditional forensics methods."
However, Microsoft revealed plans to patch zero-day bug in one of its already-scheduled updates.
According to the US software major, the vulnerability influences an Internet Explorer ActiveX control.
