A new report by malware research firm FireEye has uncovered an attack against the website of the Veterans of Foreign Wars, believed to be carried out by a group based in China. Using a tactic known as a watering-hole attack, the group used a previously unpublished exploit in Microsoft's Internet Explorer 10 to seed malware onto computers visiting VFW.org through an open iFrame window in the background. "Based on the targeting preferences, we suspect the attacker was looking for intelligence located on US military personnels' systems," said FireEye's Darien Kindlund. If the visitor had any sensitive information elsewhere on their computer, that data would be exposed to the attackers.
Dubbed DeputyDog by the researchers, the same group of attackers has previously targeted US government agencies, Japanese companies, mining firms and defense contractors, deploying sophisticated attacks against high-profile targets. It's not known if the attackers are affiliated with the Chinese government, but the attack fits a pattern of previous China-based attacks against foreign ministries, universities and web companies at large. To block the exploit and others like it, the researchers recommend upgrading to IE 11 or installing Microsoft's Experience Mitigation Toolkit, either of which would negate the attack.