Symantec links Elderwood hackers to IE zero-day

The Elderwood Project, which Symantec Corp. has linked to attacks on defence supply chains and IT services, is behind the finding of the latest Internet Explorer zero-day vulnerability, according to the security software firm.

In late December, Microsoft rushed to roll out a quick fix for a critical vulnerability in IE 6, 7 and 8 following a series of cyber espionage attacks delivered via drive-by downloads. Microsoft said the vulnerability may corrupt PC memory and allow attackers to execute code by convincing a user to visit an infected Web site, which could enable the attacker to gain control of the user’s machine.
Symantec diagram of a watering hole attack

“After revisiting previous attacks, we have been able to confirm that the latest Internet Explorer zero-day is a continuation of the Elderwood Project,” according to Symantec’s official blog.

A three-year investigation into the group by Symantec has linked Elderwood to the theft of intellectual property from North America’s defence industry supply chain. The hackers are believed to be behind 678 attacks against 216 United States-based organizations and 86 attacks against 35 Canadian organizations.

Symantec also believes the Elderwood group may be behind the May 2012 attack on the Hong Kong Web site of Amnesty International as well as an attack last month on the Web site of a U.S.-based think tank.



The security firm said the Elderwood hackers’ modus operandi involves the use of “seemingly an unlimited number” of zero-day exploits and attacks on supply chain manufacturers who service the target organization.

Lately, Symantec said, the group has also shifted to so-called watering hole attacks, which involve compromising certain Web sites likely to be visited by the target organization.

“It has become clear that the group behind the Elderwood Project continues to produce new zero-day vulnerabilities for use in water hole attacks and we expect them to continue doing so in the New Year,” Symantec said.
