Targeted attack using journalists as a lure
May 12th, 2010 admin

We found a new malicious XLS file which contains lots of names, details and contact information for journalists around the world. This file was emailed to unknown persons, apparently in order to launch a targeted attack. The relevance of the journalists mentioned in the attack file is unknown. When the file (md5 hash: 46d0edc0a11ed88c0a39bc2118b3c4e071413a4b) is opened, it exploits a vulnerability in Excel. The exploit executes a piece of embedded code that drops several new executables to the hard drive and launches them, including:












