Close Menu
Technotification
    Facebook X (Twitter) Instagram
    Facebook X (Twitter) Instagram
    Technotification
    • Home
    • News
    • How To
    • Explained
    • Facts
    • Lists
    • Programming
    • Security
    • Gaming
    Technotification
    Home › Security › State-Sponsored Chinese Hacking Groups Exploited Internet Explorer Flaw!

    State-Sponsored Chinese Hacking Groups Exploited Internet Explorer Flaw!

    By Vikram Singh RaoJune 7, 2017
    Facebook Twitter Reddit LinkedIn
    REDPaoliIE Day
    Internet explorer flow

    State-sponsored groups based in China utilised the recent Internet Explorer vulnerability to launch attacks on US and European companies in the defence, energy and financial services industries Reuters.

    The recent high-profile vulnerability affecting Microsoft’s Internet Explorer browser was exploited by two separate state-sponsored groups in China, according to a senior security expert. The browser’s vulnerability was first discovered by security firm FireEye, who alerted Microsoft to the flaw. Last Thursday, almost a week after first warning users of the threat, Microsoft issued an emergency security patch. Related Internet Explorer Vulnerability Leaves Windows XP Users Open to Attack Windows XP Gets Security Patch for Internet Explorer.

    In this time two different groups of sophisticated attackers were able to exploit the vulnerability, which affected all versions of Internet Explorer.
    While there is not yet any conclusive proof as to the group’s identity, a director at FireEye believes that based on previous campaigns the two attack groups were state-sponsored and operating in China.

    “Whoever carried out the attacks obviously had enough resources to either develop or purchase the exploits so I would not be surprised if they were state-sponsored,” 

    Darien Kindlund, director of threat research at FireEye, told IBTimes UK. “Based on previous research, China would be the obvious source of attacks.“

    According to Kindlund and FireEye, the first wave of attacks targeted US and Europe-based companies in the defence and financial services industry, most likely for the purpose of obtaining corporate secrets and stealing intellectual property. The second wave of attacks went after hi-tech and energy firms, also based in Europe and the US. The target companies have not been identified. State-sponsored attacks on NGOs.
    In a blogpost issued just before the Internet Explorer vulnerability was discovered, FireEye noted that China, along with Russia and Iran, was known to have existing and growing cyber operations to support their government’s political agendas.

    “Over the last few years, we have observed China-based advanced persistent threat (APT) groups frequently target US-based non-governmental organisations (NGOs),” said Jen Weedon, a research analyst at FireEye. The reason to target NGOs in this instance is because such organisations are perceived as instruments of US government policy.
    “Unsurprisingly, they were organisations with programmes that touched on Chinese human rights, democratic reforms and social issues,” Weedon added.  Two-way street Related Chinese Government Cyber Attacks on US Targets Resume Verizon Traces Half of Cyber Espionage Attacks to East Asia China ‘Launched’ Cyber Attack on Israeli Defence Targets  The Chinese government has consistently denied charges laid against it in relation to carrying out such attacks, instead accusing the US government of carrying out cyber espionage.

    Last year, security company Mandiant published a report detailing the activities of a group of hackers within China’s People’s Liberation Army who had allegedly stolen sensitive data from hundreds of US companies and government agencies. Following the report, a US government spokesperson said: “This is something we are going to have to come back at time and again with the Chinese leadership.” The latest Internet Explorer-focussed attacks are now “comprehensively” covered by Microsoft’s security patch, however Kindlund warned that many systems may still be vulnerable. “A non-trivial problem is whether people actually get the patch,” Kindlund said. “Those without automatic updates need to ensure they have it, while unlicensed Windows XP users will be permanently vulnerable.“

    Source: IBTIMES.

    Share. Facebook Twitter LinkedIn Tumblr Reddit Telegram WhatsApp
    Vikram Singh Rao
    • Website
    • Facebook
    • X (Twitter)
    • LinkedIn

    I am an entrepreneur at heart who has made his hobby turned a passion, his profession now.

    Related Posts

    NVIDIA GeForce NOW is Finally Coming to India

    January 8, 2025

    The Psychology of a Phishing Email: How Scammers Play with Your Mind

    July 16, 2024

    9 Essential Elements of a Strong Cyber Security Management System

    July 3, 2024

    Common Cyber Attacks and How to Prevent Them

    July 3, 2024

    How Cyber Security Paid Training Prepares You for Real-World Threats

    June 13, 2024

    The Role of Security in Server Colocation Environments

    March 12, 2024
    Lists You May Like

    10 Sites to Watch Free Korean Drama [2025 Edition]

    January 2, 2025

    The Pirate Bay Proxy List in 2025 [Updated List]

    January 2, 2025

    10 Best RARBG Alternative Sites in April 2025 [Working Links]

    April 1, 2025

    10 Best Torrent Search Engine Sites (2025 Edition)

    February 12, 2025

    10 Best GTA V Roleplay Servers in 2025 (Updated List)

    January 6, 2025

    5 Best Torrent Sites for Software in 2025

    January 2, 2025

    1337x Alternatives, Proxies, and Mirror Sites in 2025

    January 2, 2025

    10 Best Torrent Sites for eBooks in 2025 [Working]

    January 2, 2025

    10 Best Anime Torrent Sites in 2025 [Working Sites]

    January 6, 2025

    Top Free Photo Editing Software For PC in 2025

    January 2, 2025
    Pages
    • About
    • Contact
    • Privacy
    • Careers
    Privacy

    Information such as the type of browser being used, its operating system, and your IP address is gathered in order to enhance your online experience.

    © 2013 - 2025 Technotification | All rights reserved.

    Type above and press Enter to search. Press Esc to cancel.