Share

Related Links

Top 5 Stories

News

FireEye claims protection against Internet Explorer zero-day attack

18 January 2010

Security appliance company FireEye has said that its products can detect the latest zero-day vulnerability in Internet Explorer without any software patches.

FireEye, which said the same thing about Adobe's most recent PDF vulnerability last month, argued today that its FireEye Analysis and Control (FACT) engine provides pre-emptive support to customers against current zero-day exploits for the Internet Explorer flaw, which were used to target Google and other companies in December.

The company worked with customers to see if their networks had been targeted by the attacks, it said. "In several cases, it was confirmed that 'Operation Aurora' had indeed targeted their netowrk and that the FireEye security technology had identified the IE malware attacks," it added.

"Within the FireEye virtual machine analysis environment, dropper malware was found to install and subsequently download a Hydraq Trojan payload. Hydraq then established an outbound connection to command-and-control servers providing the cyber criminals behind the attack full administrative access to the end system, including but not limited to manipulating files, processes, installing new malware, disabling auto-patching, and even uninstalling endpoint security," FireEye reported.

Marc Maiffret, chieft security architect at FireEye, warned that the hackers behind Aurora used techniques including code obfuscation to try and cover their tracks.

FireEye was instrumental in bringing down the Mega-D botnet in November, working with registrars and ISPs around the world to choke off the command and control points for its infrastructure.

This article is featured in:
Application Security  •  Internet and Network Security  •  Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×