We had barely entered 2010 when Google reported that a sophisticated and coordinated attack, dubbed ‘Operation Aurora’, had targeted a number of large multinational companies. Hackers had exploited a vulnerability in Internet Explorer to silently install a Trojan on computers, thereby remotely accessing users’ confidential information.
This 0-Day vulnerability affected three versions of Internet Explorer (6, 7 and 8) on Windows 2000 SP4, XP, 2003, Vista and Windows 7. The attack was called Aurora after investigators found the text string “aurora” in the source code of one of the Trojans involved in the attack. There are two theories about what hackers intended to achieve with this action: One argues that the intention was to steal intellectual property from large companies and the other, more simplistic, that the aim was to steal information from Gmail accounts of human rights activists in China.