A Hong Kong-based website has been compromised to serve up Korplug malware through a recently patched Internet Explorer (IE) vulnerability.
Symantec’s Security Response blog said the Evangelical Church of Hong Kong website was modified to host a malicious iFrame that redirected visitors to another site hosting an exploit for CVE-2015-2502.
CVE-2015-2502 is a memory corruption vulnerability that affects IE 7 through IE 11 and can enable remote code execution. Microsoft deemed the bug critical in severity and issued a patch on Tuesday.
Korplug, also known as PlugX, is a trojan that maintains a backdoor on an infected computer and can allow the attacker to gain the same user rights as the actual user.
Symantec said the patch is effective and will protect any system that have it installed.