Void Banshee Exploits Old IE11 Vulnerabilities to Steal Sensitive Data

18 Sep 2024

Cybercriminals Exploit Legacy of Internet Explorer

More than two years have passed since Internet Explorer 11 was officially retired, yet the browser’s legacy continues to cast a long shadow. In an unexpected turn of events, cybercriminals are exploiting remnants of this once-popular browser to execute their nefarious schemes. The group behind these attacks, known as Void Banshee, has been under the watchful eye of security firm Trend Micro for some time now.

Recent revelations emerged following Microsoft’s disclosure of the vulnerability identified as CVE-2024-43461. This flaw has become a key tool for Void Banshee, allowing them to infiltrate systems across Europe, North America, and Southeast Asia. Their targets are often left vulnerable to the theft of sensitive information, including cookies and passwords.

Internet Explorer's Unwanted Resurrection

In their sophisticated attack campaign, Void Banshee has leveraged not only CVE-2024-43461 but also another vulnerability, CVE-2024-38112, which was patched in July. Both vulnerabilities can be triggered through specially crafted .url files, enabling the resurrection of Internet Explorer despite its official demise. The remnants of this browser still linger within Windows, allowing it to be unwittingly activated.

Adding another layer of complexity, the attackers utilized Windows’ support for Braille to their advantage. By disguising a .hta (HTML) file as a PDF, they crafted a document meant for the visually impaired that contained hidden instructions in whitespace, cleverly bypassing standard Windows warnings. Users faced a choice to either open or save the file. If they opted to open it, Internet Explorer would spring back to life, paving the way for the installation of the Atlantida InfoStealer. This insidious software is designed to harvest cookies, passwords, and usernames, showcasing how Internet Explorer persists in a zombie-like state within Windows, remaining vulnerable to exploitation.

Defensive Measures and Proactive Security

Despite the covert nature of these attacks, there are effective defensive measures available. Security solutions, such as those offered by Symantec, provide built-in protection against the execution of .url files that trigger Internet Explorer. As organizations navigate this complex landscape, awareness and proactive security measures remain paramount in safeguarding against such legacy threats.

Also read: Security company Fortinet victim of data breach

How do I install Internet Explorer 11 on Windows 11 64-bit?

Windows 11 doesn't come with Internet Explorer 11 as it has been replaced by Microsoft Edge. However, you can enable the Internet Explorer mode in Microsoft Edge to access legacy sites. Open Edge > Click the three dots > Settings > Default browser > Let Internet Explorer open sites in Microsoft Edge. Set this to "Always".

How to install Internet Explorer 11 in Windows 11 64-bit?

Internet Explorer 11 isn't available on Windows 11 since it's replaced by Microsoft Edge. To use IE functionality, enable IE mode in Edge. Open Edge > Click the three dots > Settings > Default browser > Let's Internet Explorer open sites in Microsoft Edge. Set this to "Always."

Update: 18 Sep 2024

delicious Buttons for Internet Explorer

delicious Buttons for Internet Explorer download for free to PC or mobile

Latest update delicious Buttons for Internet Explorer download for free for Windows PC or Android mobile

5
1026 reviews
2833 downloads

News and reviews about delicious Buttons for Internet Explorer

Void Banshee Exploits Old IE11 Vulnerabilities to Steal Sensitive Data

18 Sep 2024

Void Banshee Exploits Old IE11 Vulnerabilities to Steal Sensitive Data

Cybercriminal group Void Banshee exploits Internet Explorer 11 vulnerabilities CVE-2024-43461 and CVE-2024-38112, targeting systems in Europe, North America, and Southeast Asia. They use .url and disguised .hta files to install Atlantida InfoStealer. Security solutions like Symantec's offer protection.

Read more
Microsoft Confirms Zero-Day Exploitation of IE Vulnerability CVE-2024-43461

17 Sep 2024

Microsoft Confirms Zero-Day Exploitation of IE Vulnerability CVE-2024-43461

Microsoft confirmed that the vulnerability CVE-2024-43461 in Internet Explorer was exploited as a zero-day before it could be patched. Rated 8.8 on the CVSS scale, this flaw allows attackers to obscure file-type extensions, potentially executing malicious code. Microsoft urges users to apply updates.

Read more
New Internet Explorer Vulnerability Poses Risk; Microsoft Issues Patch

27 Jul 2024

New Internet Explorer Vulnerability Poses Risk; Microsoft Issues Patch

A new vulnerability exploiting Internet Explorer code in millions of PCs poses a risk to user data and system integrity. The US government has added it to its Known Exploit Vulnerability catalog. Microsoft urges users to update Windows systems promptly to protect against potential attacks.

Read more
Microsoft and US Agencies Issue Urgent Updates for Zero-Day Attack

16 Jul 2024

Microsoft and US Agencies Issue Urgent Updates for Zero-Day Attack

A new zero-day attack targeting Windows 10 and 11 has been discovered, exploiting Internet Explorer. Microsoft and US federal agencies have issued urgent update mandates to protect against ransomware and other malware. Users are advised to update their Windows PC to disable the threat.

Read more
All delicious Buttons for Internet Explorer news and updates