AlienVault: Hackers Abusing Internet Explorer to Identify Security Products

By   ISBuzz Team
Writer , Information Security Buzz | Aug 04, 2014 05:38 pm PST

Jaime Blasco, Director of AlienVault Labs, has discovered that Microsoft’s Internet Explorer browser is being exploited by hackers and cyber criminals to expose existing vulnerabilities and security flaws in user’s computers.

Through these vulnerabilities, hackers are gaining access to confidential data. “They collect information through Internet Explorer on the software running on the machine to determine which software can be attacked in the future,” Jaime Blasco explained. “The hackers also share details of web server and computer vulnerabilities with others inside the community.”

Hackers exploit these flaws by searching computers for the type of security software that is being used, which can then help them learn how exactly to take control of them.

“By knowing what security software is installed, the hackers can determine if their attack is going to work. That way they will only attack a computer they know is vulnerable and avoid alerting security companies to their presence,” said Blasco.

This exploitation is occurring over a vast scale; without their knowledge, entire companies, web servers, and users are being targeted via holes within Internet Explorer.

However, it’s not only security software that hackers can gain access to; other software and applications are also vulnerable to exposure and are being used to gain control over a user’s PC. Its solid integration into the Windows software is the main reason that Internet Explorer can be exploited in such a way. Other browsers such as Chrome or Firefox do not have the same degree of integration, and so the exposure is significantly less. Based on this, AlienVault advised that users consider using a  third-party browser such as Chrome.

Chrome is designed with security in mind,” explained Blasco. “It has a suite of security features in place that means that even if attackers find a hole in one layer, they have to bypass other security measures that are in place.”

Microsoft claims it is investigating other issues within the IE browser and is suggesting that users upgrade to the latest IE 11 browser to minimise the risk of exposure. The company has been aware of the existing vulnerabilities for over a year, yet only a few of them have actually been patched.

By Jaime Blasco, Director of AlienVault Labs

About AlienVault Labs

AlienVaultAlienVault Labs conducts security research on global threats and vulnerabilities. The team of security experts, led by renowned Labs director, Jaime Blasco, constantly monitors, analyzes, reverse engineers, and reports on sophisticated zero-day threats including malware, botnets, phishing campaigns and more.

Using an ever-expanding array of manual and automated techniques, AlienVault Labs researchers ensure that AlienVault’s Unified Security Management™ platform is always up-to-date with the latest threat intelligence. In addition, the Labs also runs AlienVault’s Open Threat Exchange™ (OTX), an open information sharing and analysis network that provides real-time, actionable threat information submitted by over 8,000 contributors from over 140 countries.

The discoveries of the AlienVault Labs researchers are shared regularly on their blog, and you’ll see them quoted in the news often!

Notify of
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x