Security vendor McAfee is reporting that the cyber-attack that hit more than 30 businesses, including Google and Adobe Systems, involved the use of a zero-day exploit targeting Internet Explorer.
"Once the malware is downloaded and installed, it opens a back door that allows the attacker to perform reconnaissance and gain complete control over the compromised system," said McAfee CTO George Kurtz. "The attacker can now identify high-value targets and start to siphon off valuable data from the company."
Talk of an IE vulnerability follows reports from other vendors that the attackers launched a spear-phishing campaign using Adobe Reader attachments. McAfee said it has not uncovered any evidence that a Reader vulnerability was exploited in the attacks.
"According to sources familiar with the present attack, attackers delivered malicious code used against Google and others using PDFs as e-mail attachments; those same sources also claim that the files have similar characteristics to those distributed during the July attacks," iDefense said.