Just patched Internet Explorer bug being exploited in watering hole attack

A Hong Kong-based website has been compromised using a just patched critical memory corruption vulnerability in Internet Explorer to deliver Korplug malware.
A Hong Kong-based website has been compromised using a just patched critical memory corruption vulnerability in Internet Explorer to deliver Korplug malware.

A Hong Kong-based website has been compromised to serve up Korplug malware through a recently patched Internet Explorer (IE) vulnerability.

Symantec's Security Response blog said the Evangelical Church of Hong Kong website was modified to host a malicious iFrame that redirected visitors to another site hosting an exploit for CVE-2015-2502.

CVE-2015-2502 is a memory corruption vulnerability that affects IE 7 through IE 11 and can enable remote code execution. Microsoft deemed the bug critical in severity and issued a patch on Tuesday.

Korplug, also known as PlugX, is a trojan that maintains a backdoor on an infected computer and can allow the attacker to gain the same user rights as the actual user.

Symantec said the patch is effective and will protect any system that have it installed.

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS