Hi and welcome to Malicious Life in collaboration with Cyberism. I'm Ren Levy. In August of 2009, Miron Selen, a white hat hacker in Israel, privately reached out to

Microsoft to report a vulnerability it found in the Internet Explorer browser.

It was a severe kind of security flaw easily exploited by a maliciously crafted link. The legitimacy and severity of this vulnerability marked CVEE 2010-O-249

was confirmed by Microsoft the month after it was first reported.

A patch was only scheduled for half a year later, however,

when the company planned to release a full-scale update of Internet Explorer. It seems like a long time. It didn't

matter. They were already too late.

As early as April 2009, for full months before Sellin's report, a foreign entity had began

work on an exploit for the 0249. The

O249 vulnerability

gravity of what they would achieve with it

suggests months of careful analysis,

planning and preparations during those months.

It was a fateful day when one Google employee received such a maliciously crafted link in Microsoft Messenger.

Little could that person have anticipated

the world altering consequences of just one little. The attack that began with that mouse click was given a name, Operation Aurora, after a file path called Aurora in a malware's binary.

According to MacAfee's Dimitri Alperovic,

this may be the name the hackers themselves were using to describe their attack. It's hardly the kind of scary name

that you might associate with the massive events you'll soon hear about.

Maybe it was named after the colors of the Google logo. But who was that

enemy? Google is one of the world's most well organized and well defended companies. You'd have an easier time hacking into a small

country, maybe even the US government, depending on the branch. Something big had to be behind this. The NSA, FBI, Google,

...