Login theft attacks targeted at European, Asian governments





email_sample_screencap
“Open the email attachment, Mr. Carver; Beijing disappears.” (Image: Trend Micro)

Security firm Trend Micro is warning of a new targeted attack aimed at European and Asian governments that seeks to steal login account details from websites and email accounts.

In a blog post on Monday, researchers at the security firm and anti-malware software maker detailed a new “targeted attack” launched against governments in a number of countries.

The attachment exploits CVE-2012-0158, a vulnerability in Office 2003 through to Office 2010 — patched by Microsoft in April 2012 — allowing the hacker to run remote code if the user was duped into opening the attachment containing the malicious code.

“The attacker would have to convince the user to open the attachment in order to exploit the vulnerability,” Microsoft said in the security advisory at the time.

If the attachment is opened, login details from the victim’s computer are stolen and uploaded to two IP addresses, both located in Hong Kong, the firm said.

A “dummy” Word document is opened to make the target believe that nothing untoward happened.

The malware-laden email message was sent to at least 16 European government officials. And, with a carefully crafted email subject and attached document that looks genuine and appealing to open by the recipient, there is a greater risk that government machines could become infected with the backdoor malware.

Though the email claims to be from the Chinese Ministry of National Defense, Chinese media organizations were also targeted in the attack — making it difficult to identify the source of the malware.


Source Article from http://www.zdnet.com/login-theft-attacks-targeted-at-european-asian-governments-7000018121/

You can leave a response, or trackback from your own site.

Leave a Reply

Powered by WordPress | Designed by: Premium WordPress Themes | Thanks to Themes Gallery, Bromoney and Wordpress Themes