France's Snecma targeted by hackers using Internet Explorer flaw: Researcher
Advertisement
French aerospace engine maker Snecma, a unit of Safran , was attacked by hackers who exploited a vulnerability in Microsoft Corp's Internet Explorer, according to a computer security researcher.
It was not clear how successful the hackers had been in their efforts to breach Snecma's network, according to the researcher, who has studied malicious software and infrastructure used by the hackers.
A spokeswoman for Snecma's parent, Safran, said she had no immediate comment.
The researcher said the malicious software used by the hackers contained code that identified Internet domain names belonging to Snecma. The researcher declined to be identified by name as he was not authorized to publicly discuss the matter.
Advertisement
The vulnerability in Internet Explorer surfaced last week, when California-based cybersecurity firm FireEye Inc said that hackers had leveraged a previously unknown security flaw in the Web browser to attack the website of the U.S. nonprofit group Veterans of Foreign Wars.
Microsoft last week advised customers to upgrade to Internet Explorer 11, saying versions 9 and 10 were vulnerable to the type of attacks identified by FireEye.
Advertisement
On Tuesday, the Israeli cybersecurity firm Seculert said in a blog post that the IE vulnerability was used to attack a French aerospace company, though it did not name that company. Seculert said the attack likely began on January 17 and that it may still be going on.
According to Seculert, the attack on the aerospace company involved a different piece of malicious software than what was used against the Veterans of Foreign Wars, which suggested a different group of hackers may be involved.
Advertisement
The malware was designed to help hackers steal credentials by infecting devices that employees, partners and third-party vendors used to remotely access the French company's network, according to Seculert.
That technique of targeting remote users has been deployed in some high-profile cyber attacks in recent years.
Target Corp said hackers behind a massive data breach late last year had gained initial access to the U.S. retailer's network through a vendor.
In 2011, hackers attacked Lockheed Martin Corp and other U.S. military suppliers by creating duplicate SecurID credentials used by contractors to access their networks.© Thomson Reuters 2014
For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.
Advertisement