Attack Code Used to Hack Google Now Public

by admin January 16, 2010 at 4:00 pm

The dangerous Internet Explorer attack code used in last month’s attack on Google’s corporate networks is now public.

The code was submitted for analysis Thursday on the
Wepawet malware analysis Web site, making it publicly a
vailable. By Friday, it had been included in at least one publicly available hacking tool and could be seen in online attacks, according to Dave Marcus, director of security research and communications at McAfee.

The attack is very reliable on Internet Explorer 6 running on Windows XP, and it could possibly be modified to work on more recent versions of the browser, Marcus said. “The game really changes now that it’s hosted publicly,” he said.

A hacker could use the code to run unauthorized software on a victim’s computer by tricking them into viewing a maliciously crafted Web page.

Read more: pcworld.com