14 DAY TRIAL // The website of the Herzliya Conference (herzliyaconference.org) and the one of the International Institute for Counter-Terrorism (ict.org.il), both governed by an Israeli academic institution called the Interdisciplinary Center (IDC), have been hacked and used to push malware.
According to security researchers from Websense, both websites are part of a watering hole attack in which the targeted sites are injected with an Internet Explorer exploit identified in September 2012 and addressed by Microsoft the same month.
Experts say that the malicious code appears to have been present on the sites since as early as January 23, 2013. On Tuesday, when Websense published its report, the exploit on herzliyaconference.org wasn’t working, but ict.org.il still served malware.
IDC has failed to respond to the notifications sent by the experts.
It’s worth noting that the researchers say the attack is very similar to the one that targeted the Council on Foreign Relations.
A complete technical analysis of the attack is available on Websense’s Security Labs blog.