Blog entry

Cyber Attack infiltrated Google & More

An operation labeled Aurora by the security experts has been setup to investigate the Google infiltration and more. This is about the cyber attack announced by Google.
Experts joined forces to investigate and analyze pieces of the code that were identified as the culprits in the attack.

McAfee security announced that the malware prints was discovered by the McAfee security company. The malicious perpetrator takes advantage of a previously zero day exploit in the Microsoft Internet Explorer. The infiltration appears to have occurred when the malware was sent to targeted individuals.

So it seems that the source was from a trusted source.

Aurora is the apparent name the infiltrator(s) gave this operation. For the infiltration to take place, the targeted individual would have had to open a file or click on a link so the file could release the malicious code in the Microsoft Internet Explorer. Once installed the malware opens a back door so that the attacker can take full control over the compromised machine.

Microsoft provided the following recommendation:

  • Enable Data Execution Prevention (DEP) which helps mitigate online attacks.
    Note: Internet Explorer 8 had DEP enabled by default; however, previous versions need to have it enabled.
  • Set Internet and Local intranet security zone settings to “High” to prompt before running ActiveX Controls and Active Scripting in these zones or configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone.
  • Enable a firewall
  • Get software updates
  • Install antivirus software