Over the last few months, 40 known companies have been identified as victims of cyberattacks. As more details are revealed, it turns out that these attacks targeted not only tech companies such as Apple or Twitter but other industries as well, including prominent car manufacturers, US government agencies and a candy company. However, the affected companies have not been named.
According to The Security Ledger, people familiar with the attacks said the computer networks were hacked using at least three third-party “watering hole” websites. In a watering hole attack, the attacker identifies the websites that its potential victims are likely to visit and compromises them by injecting JavaScript or HTML that redirects visitors to additional malicious code. The compromised sites are then left “waiting” to compromise other visitors through drive-by downloads. More information can be obtained from Symantec.
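For a site owner, the injection described above shows up as markup that loads content from a host the site never used before. The following check is an added example, not code from the article or its sources: it lists script, frame and meta-refresh loads whose host is not on a known-good allowlist. The hostnames, the allowlist and the sample page are constructed, and the check only sees static markup, not elements a script creates at runtime.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Tags and the attribute through which each one pulls in external content.
LOADERS = {"script": "src", "iframe": "src", "frame": "src", "embed": "src", "object": "data"}

class ExternalLoadFinder(HTMLParser):
    """Collects (tag, host) for every element that loads content from another host."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.page_host = urlparse(page_url).hostname
        self.found = []

    def _record(self, tag, url):
        # Resolve relative and protocol-relative URLs against the page URL.
        host = urlparse(urljoin(self.page_url, url.strip())).hostname
        if host and host != self.page_host:
            self.found.append((tag, host))

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag in LOADERS and attrs.get(LOADERS[tag]):
            self._record(tag, attrs[LOADERS[tag]])
        # <meta http-equiv="refresh" content="0; url=..."> redirects without any script.
        if tag == "meta" and (attrs.get("http-equiv") or "").lower() == "refresh":
            _, _, target = (attrs.get("content") or "").partition("=")
            if target:
                self._record("meta-refresh", target.strip("'\" "))

def unexpected_loads(page_url, html, allowed_hosts):
    """Return external loads whose host is not on the site's known-good allowlist."""
    finder = ExternalLoadFinder(page_url)
    finder.feed(html)
    return [(tag, host) for tag, host in finder.found if host not in allowed_hosts]

# Constructed sample: one expected CDN script, one same-site script, two injected elements.
SAMPLE = """<html><head>
<script src="https://cdn.example.com/app.js"></script>
<script src="//stats.injected.example/c.js"></script>
</head><body><p>News</p>
<iframe src="http://landing.injected.example/x" width="0" height="0"></iframe>
<script src="/local.js"></script>
</body></html>"""

if __name__ == "__main__":
    for tag, host in unexpected_loads("https://site.example/news", SAMPLE, {"cdn.example.com"}):
        print(f"unexpected {tag} load from {host}")
```

Run against each published page after every deployment and on a schedule, a non-empty result means the page references a host that was not approved and should be reviewed.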
It is still not clear whether these attacks were mounted by the same group of hackers or are isolated incidents. Most affected companies believed that the hackers exploited a vulnerability in a Java plug-in. Companies like Mozilla have turned off Java by default in their browsers to prevent the exploit.