Feeds

Spyware blizzard shows no sign of let up

It's raining Trojans

  • alert
  • submit to reddit

Choosing a cloud hosting partner with confidence

Hackers are continuing to target British workers with a series of specially crafted Trojan horse attacks two weeks after a UK government agency issued an unprecedented security warning. The latest batch of malware again targets a small network of specifically targeted domains in assaults designed to slip under the corporate radar and allow hackers to steal privileged information or launch further attacks from compromised systems.

In the latest attack, email security firm MessageLabs intercepted a small number of emails containing malicious software sent to would-be victims at just four domains. The majority of these 17 emails were bound for addresses at an unnamed international security organisation that was also targeted in a similar attack earlier this month, MessageLabs reports.

Using body text potentially relevant to the target audience, the email encouraged intended recipients to open an attached Word document. The attack exploits a well-known Word macro vulnerability (MS03-050) to inject hostile code, in this case an embedded Trojan, onto vulnerable systems.

MessageLabs reports growing incidents of targeted email attacks against businesses and organisations over the last year. Earlier this month the UK’s National Infrastructure Security Coordination Centre (NISCC) issued a warning about the industrial espionage potential threat posed by these attacks to governments and large corporates. Mark Sunner, Chief Technology Officer at MessageLabs, said: "The motivation behind today’s new email-borne threats is far more sinister than traditional methods of large-scale attacks. New criminal methods show a preference for selecting a particular target, whether an individual or an organisation, to attack for perhaps financial or competitive gain. The architects behind the bespoke Trojan attacks we are witnessing aim to steal confidential corporate information and intellectual property."

"In this evolving environment of customised attacks, organisations must adopt a more holistic approach to email security management; implementing stringent, formalised email security policies, alongside truly multi-layered, proactive technology measures to ensure protection against all known and unknown threats," he added. ®

Infected emails typically contain the subject line "FW : 0627" and body text (as follows) purporting to be from the Times of India:

THE TIMES OF INDIA

Monday, June 27, 2005

China's new JL-2 missile prevents US from the Taiwan affairs

China has successfully flight-tested a submarine-launched missile that U.S. officials say marks a major advance in Beijing's long-range nuclear program. The Bush administration has expressed new worries about China's military buildup. The JL-2 missile was launched from the new submarine, known as the Type 094, said a U.S. official familiar with it.

(Details in the attachment)

Related stories

UK Trojan siege has been running over a year
UK under cyber blitz
Window of exposure lets viruses run rampant
Spammers adopt slippery tactics to bypass ISP defences
Virtual postcard delivers Trojan

Beginner's guide to SSL certificates

More from The Register

next story
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for
It's on by default – didn't you read the small print?
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
Kill off SSL 3.0 NOW: HTTPS savaged by vicious POODLE
Pull it out ASAP, it is SWISS CHEESE
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
China is ALREADY spying on Apple iCloud users, watchdog claims
Attack harvests users' info at iPhone 6 launch
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.