Attack on Google exploited browser flaw: McAfee

BOSTON (Reuters) - Recent cyber attacks on Google Inc and other businesses exploited a previously unknown flaw in Microsoft Corp’s Internet Explorer browser, according to security firm McAfee Inc.

The Google logo is seen on a computer monitor at Google's Hong Kong office January 14, 2010. REUTERS/Tyrone Siu

McAfee’s report came as authorities struggle to crack one of the most sophisticated hacking cases in history.

Google said on Tuesday that in mid-December, it detected an attack on its corporate infrastructure originating from China that resulted in the theft of its intellectual property. It eventually found that more than 20 other companies had been infiltrated.

McAfee said on Thursday that those who engineered the attacks tricked employees of the companies into clicking on a link to a website that secretly downloaded sophisticated malicious software onto their PCs through a campaign that the hackers apparently dubbed “Operation Aurora.”

“We have never seen attacks of this sophistication in the commercial space. We have previously only seen them in the government space,” said Dmitri Alperovitch, a vice president of research with McAfee.

Microsoft has yet to patch the flaw in its browser, which is used on hundreds of millions of PCs around the globe, he said.

Microsoft said that using Internet Explorer in “protected mode” would limit the impact of the vulnerability on machines running Windows Vista and Windows 7.

“We need to take all cyber attacks, not just this one, seriously,” said Microsoft Chief Executive Steve Ballmer in an interview on CNBC. “We have a whole team of people that responds in very real time to any report that it may have something to do with our software, which we don’t know yet.”

The programs allowed the hackers to take control of the PCs without the knowledge of their users, according to McAfee, which has been researching the matter on behalf of several companies involved in the attacks since late last week.

McAfee’s Alperovitch declined to say which companies had hired McAfee, saying they had signed confidentiality agreements.

So far the only other victim to come forward is design software maker Adobe Systems Inc, which has said that it is still investigating the matter.

Some researchers have speculated that the attackers may have exploited flaws in Adobe’s Acrobat software and its widely used Reader program for opening PDF documents.

McAfee’s researchers said that they found no evidence that was the case.

Still, they said that the hackers may have used other types of malicious software to break into Google and the other companies.

Internet Explorer is vulnerable on all recent versions of the Windows operating system, including Windows 7, according to McAfee.

Additional reporting by Bill Rigby; Editing by Carol Bishopric and Steve Orlofsky