HackRead
  • March 9th, 2021
Hackers target Forbes visitors through chained Flash and IE zero-day vulnerabilities

February 12th, 2015 | Pushpa Mishra | Security

Hackers pieced together zero-day vulnerabilities in Flash and Internet Explorer 9+ to attack financial services and defense contractor employees visiting Forbes.com, according to researchers at security firms Invincea and iSIGHT Partners.

In November 2014, the site’s Thought of the Day (ToTD) page, which is displayed briefly upon visiting the site, was compromised. On their first visit to the Forbes site, users were directed to an IP address that hosted the Shockwave Flash exploit.

When the ToTD widget opened, it delivered the Flash exploit (hrn.dll) to the local system. The DLL was then reflectively loaded into memory, gained administrative privileges and reported information about current patch levels, network mapping, IP configuration and VPN connections. The botnet then beaconed this information to the malicious control server, which in this particular case was found to be h[xx]p://iad12s04-in-f22.1h100.net/irwravxrc/getuau.html.
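The beacon host reported above sits under 1h100.net, one character away from 1e100.net, the domain Google uses for its server hostnames. The following Python sketch is an added example, not code from Invincea, iSIGHT Partners or the article: it flags proxy-log requests whose base domain is a near miss of a trusted one. The trusted list, the log layout and every log line except the article's URL are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: domains the organisation treats as trusted infrastructure.
TRUSTED = ("1e100.net", "forbes.com")

def refang(url):
    """Undo common defanging (h[xx]p, hxxp, [.]) so the URL parses."""
    return re.sub(r"^h(\[xx\]|xx)p", "http", url, flags=re.I).replace("[.]", ".")

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def lookalike_of(url, max_dist=1):
    """Return (host, imitated domain) or None. Base domain = last two labels,
    a simplification that ignores multi-part public suffixes."""
    host = (urlsplit(refang(url)).hostname or "").rstrip(".")
    domain = ".".join(host.split(".")[-2:])
    if domain in TRUSTED:
        return None
    for trusted in TRUSTED:
        if edit_distance(domain, trusted) <= max_dist:
            return host, trusted
    return None

# Constructed proxy-log lines; only the second URL is the one quoted in the article.
SAMPLE_LOG = [
    "2014-11-28T10:02:11Z 10.0.0.5 http://iad23s04-in-f22.1e100.net/generate_204",
    "2014-11-28T10:02:19Z 10.0.0.5 h[xx]p://iad12s04-in-f22.1h100.net/irwravxrc/getuau.html",
    "2014-11-28T10:03:40Z 10.0.0.7 http://www.forbes.com/",
]

def scan(lines):
    """Return (client, host, imitated domain) for every lookalike request."""
    hits = []
    for line in lines:
        _, client, url = line.split(maxsplit=2)
        match = lookalike_of(url)
        if match:
            hits.append((client, *match))
    return hits

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```

A production version would take the registrable domain from the Public Suffix List rather than the last two labels.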

Further analysis by iSIGHT Partners revealed that the exploit used an additional 0-day, a mitigation-bypass vulnerability in IE 9+ (CVE-2015-0071), to deliver the second attack. Flash and many other applications have a built-in mechanism, Address Space Layout Randomization (ASLR), that makes drive-by attacks harder. The Flash exploit was able to get past this mitigation within 7 seconds.

The Flash 0-day vulnerability, registered as CVE-2014-9163 in the National Vulnerability Database, was patched on 9 December 2014, whereas Microsoft patched the IE flaw on 10 February.

The incident highlights how minor software flaws that are by themselves incapable of any remote code execution can nevertheless pose a significant threat to end users.

“In the world of cyber threats, the chained 0-day exploit is a unicorn—the best known attack with chained 0-days was the Stuxnet attack allegedly perpetrated by US and Israeli intelligence agencies against Iran’s nuclear enrichment plant at Natanz as part of an operation known as Olympic Games,” explained the blog by Invincea.


Tags: Botnet, Flash, Forbes, security, Vulnerability
Pushpa Mishra

Pushpa is a Dubai based scientific academic editor who worked for Reuters' Zawya business magazine and at the same time a passionate writer for HackRead. From the very first day she has been a blessing for team Hackread. Thanks to her dedication and enthusiasm.

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.