A security flaw has just discovered that lets hackers prey on visitors to a military veterans web page via Microsoft’s Internet Explorer web browser.
According to Reuters, Security firm FireEye Inc. discovered the attacks against Internet Explorer 10 this week, saying hundreds or thousands of machines have been infected. FireEye said the culprits broke into the website of U.S. Veterans of Foreign Wars and inserted a link that redirected visitors to a malicious web page that contained the infectious code in Adobe Systems Inc’s Flash software.
FireEye researcher Darien Kindlund said hackers were probably seeking information from the machines of former and current military personnel and that the campaign shared some infrastructure and techniques previously attributed to groups in mainland China.
He said planting backdoors on the machines of VFW members and site visitors to collect military intelligence was a possible goal.
A Microsoft spokesman said the company was aware of the “targeted” attacks and was investigating. “We will take action to help protect customers,” said spokesman Scott Whiteaker.
A VFW spokeswoman told TheBlaze the organization is in meetings right now coordinating a response to the attack. She said they will release a statement later today.
The latest version of the browser is IE 11 is not affected by the hack, and the Microsoft security tool called the Enhanced Mitigation Experience Toolkit protects users who have the program installed, Reuters reported.
Follow Elizabeth Kreft (@elizabethakreft) on Twitter.