Fast moving blackhats backdoor church-goers.
Hackers are already using an Internet Explorer vulnerability disclosed this week to hack members of an evangelical church. The attackers compromised the website of the Evangelical Lutheran Church of Hong Kong, injecting a malicious iFrame that redirects the faithful to a malicious website sporting the Internet Explorer vulnerability (CVE-2015-2502). More javascript redirections lead to the PlugX (pdf) malware landing on machines. Once running, the malware opens a back door and begins harvesting ...