Newly-patched IE bug used in cyber-attack on Hong Kong church

Researchers have discovered a patch for a critical bug in Internet Explorer (IE) being used in semi-targeted attacks on visitors to a Hong Kong church a day after Microsoft released it.

The patch addressed a remote memory corruption bug in all versions of IE that could leave users prone to attack through a specially crafted website. Microsoft noted at the time that the bug was already being actively targeted online, indicating that hackers already knew about it at the same time as the Google researcher who reported it to Microsoft.

Symantec said that its telemetry data revealed the newly patched flaw was being used in attacks targeting visitors to the website of the Evangelical Lutheran Church of Hong Kong. The site was compromised to redirect visitors to another website that accommodated an exploit for the IE bug, CVE-2015-2502.

Symantec pegged the hack a “watering hole attack” since it targets visitors with a particular profile, even though it's not apparent who the church's visitors would be of interest to or why. 

Sign up to our newsletters