AAPL Stock: 112.12 ( + 2.62 )

Printed from

US Radiation health site involved in Chinese 'watering hole' attack

updated 10:58 am EDT, Sat May 4, 2013

Attack targeted nuclear weapons workers accessing health information

A US Department of Labor website tailored for nuclear weapons researchers has been compromised, redirecting visitors to a series of alternative websites. If the accessor was using Windows XP and Internet Explorer 8, the culmination of the attack inserted the "Poison Ivy" malware onto the computer, giving access to the user's data by "DeepPanda", a group of hackers believed to be located in China.

Microsoft has confirmed the code execution flaw in Internet Explorer 8. The ultimate fix for the issue is migration to a newer version of the browser, all that have fixes for the flaw. If an upgrade isn't possible, Microsoft advises users to set Internet and local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones, and to configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and local intranet security zones. Both settings would require "white listing" trusted sites.

"For users of IE8, there is no patch currently available and with this exploit being out in the wild, the potential risk for damage is high" said researchers from security firm Invincea in an initial report on Wednesday.

The webpages that were affected provided information on illnesses suffered by personnel developing atomic weapons, making it a likely target for a "watering hole" attack. The websites have since been repaired, and law enforcement is looking into the matter.

by MacNN Staff



Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Polk Hinge Wireless headphones

Polk, a company well-established in the audio market, recently released a new set of headphones aimed at the lifestyle market. The Hin ...

Blue Yeti Studio

Despite being very familiar with Blue Microphones' lower-end products -- we've long recommended the company's Snowball line of mics ...

ZTE Spro 2 Smart Projector

Home theaters are becoming more and more accessible these days, but maybe you've been a bit wary about buying a home projector. And h ...


Most Commented