QuickTime 'abetted' hackers to attack users
Security firm Symantec said Thursday that hackers are taking advantage of deadly security flaws in QuickTime and WinZip to attack stolen personal information.
Symantec's security warning message confirms that the popular web attack method still applies in this user attack campaign. That's the way to use malicious websites to code code that exploits errors.
These malicious websites have been tampered with by "masked" hackers on a website of a well-known financial institution to easily trick users into accessing it. And while users still think that they are accessing a legitimate website, their PC has been infected with a potentially dangerous keylogger when receiving all actions from the keyboard.
Symantec discovered the attack earlier this week when a PC used as a decoy by the company was kidnapped.
" This attack has its own unique characteristics. They took advantage of the recently discovered QuickTime vulnerability and another bug in WinZip was discovered late last year as a means of attack. We never thought of it. that these errors have been exploited by hackers to attack users . "
Apart from the vulnerabilities in QuickTime and WinZip, there is another vulnerability in Microsoft's software that is also exploited in this attack.
The application developer has released an update that fixes these errors. Security companies recommend users to quickly download and install those patches.
Hoang Dung
- QuickTime is turned into super-keylog
- Users are the central target of hackers
- Add a new risk to Office users
- Skype error paved the way for hackers to attack
- Hackers can control aircraft from computers
- How did hackers attack the plane?
- Apple QuickTime RTSP buffer overflow
- Why do hackers like to wear hooded shirts, sitting in the dark?
- Hackers attack two serious
- Samba error opens the door for hackers to attack Mac
- Hackers spread malicious code to attack Word
- Hackers spread malicious code to attack Winamp