Security researchers have spotted two new targeted attack campaigns aimed at organisations in Japan, China and elsewhere in Asia, one of which exploits a zero day exploit in Internet Explorer revealed only last week.
Operation DeputyDog is targeted at “entities in Japan”, using the IE vulnerability CVE-2013-3893 which Microsoft released an emergency patch
for last Tuesday, according to security firm FireEye
The payload for the attack, first detected by FireEye at the end of August, was hosted on a server in Hong Kong disguised as a .jpg file. The malware was then observed connecting to a host in South Korea.