Main Menu

Login



Support Virus.Org

Help support Virus.Org by donating.
Donating allows us to keep this site free and pay the running costs of all our services.
Targeted Industrial Spy Trojan Attack Foiled PDF Print E-mail
Written by Editor   
Saturday, 02 July 2005 09:26
Email filtering company MessageLabs have released details of an attack which was directed at its customers. The attack was no mass mailing of a piece of malware, but a highly targeted attack at just 17 email addresses. The infected email was sent to a targeted list of people at just four domains, which suggested that the attacker was using this Trojan attack as a means for industrial espionage.

The attacker used a the Microsoft Word vulnerability in the handling of macro names as a means to execute the Trojan which was embedded in a Microsoft Word document. You can see more detail on this vulnerability in the Microsoft MS03-050 security bulletin.

The email was written in a context relevant to the targeted user base and encourages the reader to open up the attached Word document to gain more information. The document contains an embedded UPX packed bespoke Trojan, which was designed to steal confidential corporate information and intellectual property.

According to analysis performed by MessageLabs, there has been a gradual rise of targeted email borne attacks against businesses and organizations over the past year. This also comes just a few weeks after the warning from the UK National Infrastructure Security Coordination Centre about the threat of these types of attacks to UK businesses and government.

Add this page to your favorite Social Bookmarking websites
Digg! Reddit! Del.icio.us! Google! Live! Facebook! Technorati! StumbleUpon! Yahoo!
Last Updated ( Thursday, 14 September 2006 21:51 )