Menu
Operation Clandestine Fox targets Australian mining, finance and telco firms

Operation Clandestine Fox targets Australian mining, finance and telco firms

NCR: 95 per cent of the world’s ATMs are still running on Windows XP

Australian mining, telecommunications and financial services companies have been targeteted by hackers through a campaign called Operation Clandestine Fox.

IT security firm, FireEye, has announced that a recently discovered Internet Explorer (IE) vulnerability has been exploited by hackers against organisations in Australia, both independently and as part of a campaign called Clandestine Fox.

A spokesperson for the company said while reports of hacks had been confirmed in the US and around the world, this was the first confirmation of the vulnerability’s exploitation in Australia.

The company declined has to name specific organisations for confidentiality reasons, but said that targeted industries included resource and mining, financial services and telecommunications.

The vulnerability has gained worldwide attention over the past few weeks since its discovery.

As of 2013, vulnerable versions of IE accounted for 26.25 per cent of the browser market, prompting governments around the world to advise users to switch browsers until the bug was fixed.

This has additional security relevance since, according to NCR, a leading maker of ATMs, 95 per cent of the world’s ATMs are still running on Windows XP, an operating system no longer being supported with security patches.

FireEye engineering manager A/NZ, Rich Costanzo, said it was clear proof that what we’re seeing globally in terms of zero days and breaches is happening here in Australia

“Not only that, it’s happening in record time," he said.

Read more: Peter Leav takes charge of Polycom

"In fact, less than 72 hours after the IE vulnerability became known we were detecting it here.”

Costanzo said that the discovery of the vulnerability being used as part of Operation Clandestine Fox was made in the context of a Mandiant investigative response team and involved a spearphishing attack.

The vulnerability affects IE6 through IE11, but the attack is targeting IE9 through IE11.


Follow Us

Join the newsletter!

Error: Please check your email address.

Tags ncrwindows xpRich CostanzoAustraliaFireEyemicrsoftMandiant

Show Comments