
Spyware blizzard shows no sign of let up

It's raining Trojans


Hackers are continuing to target British workers with a series of specially crafted Trojan horse attacks, two weeks after a UK government agency issued an unprecedented security warning. The latest batch of malware is again aimed at a small network of specifically targeted domains, in assaults designed to slip under the corporate radar and allow hackers to steal privileged information or launch further attacks from compromised systems.

In the latest attack, email security firm MessageLabs intercepted a small number of emails containing malicious software sent to would-be victims at just four domains. The majority of these 17 emails were bound for addresses at an unnamed international security organisation that was also targeted in a similar attack earlier this month, MessageLabs reports.

Using body text potentially relevant to the target audience, the email encouraged intended recipients to open an attached Word document. The attack exploits a well-known Word macro vulnerability (MS03-050) to inject hostile code, in this case an embedded Trojan, onto vulnerable systems.

MessageLabs reports growing incidents of targeted email attacks against businesses and organisations over the last year. Earlier this month the UK’s National Infrastructure Security Coordination Centre (NISCC) issued a warning about the potential industrial espionage threat these attacks pose to governments and large corporates. Mark Sunner, Chief Technology Officer at MessageLabs, said: "The motivation behind today’s new email-borne threats is far more sinister than traditional methods of large-scale attacks. New criminal methods show a preference for selecting a particular target, whether an individual or an organisation, to attack for perhaps financial or competitive gain. The architects behind the bespoke Trojan attacks we are witnessing aim to steal confidential corporate information and intellectual property."

"In this evolving environment of customised attacks, organisations must adopt a more holistic approach to email security management; implementing stringent, formalised email security policies, alongside truly multi-layered, proactive technology measures to ensure protection against all known and unknown threats," he added. ®

Infected emails typically contain the subject line "FW : 0627" and body text (as follows) purporting to be from the Times of India:

THE TIMES OF INDIA

Monday, June 27, 2005

China's new JL-2 missile prevents US from the Taiwan affairs

China has successfully flight-tested a submarine-launched missile that U.S. officials say marks a major advance in Beijing's long-range nuclear program. The Bush administration has expressed new worries about China's military buildup. The JL-2 missile was launched from the new submarine, known as the Type 094, said a U.S. official familiar with it.

(Details in the attachment)
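A mail-gateway triage check for the indicators reported in this article (the subject line, the Times of India masthead and a Word attachment), as an added example that is not code from The Register or MessageLabs. The addresses, file names, verdict labels and sample messages are constructed for illustration, and string matches like these only catch this one campaign.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")   # header of legacy Word .doc files
SUBJECT_RE = re.compile(r"^\s*FW\s*:\s*0627\s*$", re.I)  # subject line quoted in the article
LURE_TEXT = "THE TIMES OF INDIA"                 # masthead quoted in the article

def triage(raw: bytes) -> dict:
    """Score one raw message against the indicators reported in the article."""
    msg = message_from_bytes(raw, policy=policy.default)
    subject_hit = bool(SUBJECT_RE.match(str(msg["Subject"] or "")))
    body = msg.get_body(preferencelist=("plain",))
    lure_hit = body is not None and LURE_TEXT in body.get_content().upper()
    word_docs = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        name = (part.get_filename() or "").lower()
        # Check the file header as well as the extension so a renamed document is still caught.
        if data.startswith(OLE2_MAGIC) or name.endswith(".doc"):
            word_docs.append(name)
    if word_docs and (subject_hit or lure_hit):
        verdict = "quarantine"      # Word document plus a campaign indicator
    elif word_docs or subject_hit or lure_hit:
        verdict = "review"          # one signal only: hand to an analyst
    else:
        verdict = "pass"
    return {"verdict": verdict, "subject_hit": subject_hit,
            "lure_hit": lure_hit, "word_docs": word_docs}

def build(subject: str, text: str, attachment=None) -> bytes:
    """Construct a sample message (constructed test data, not a captured email)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.org", "b@example.com", subject
    m.set_content(text)
    if attachment:
        name, data = attachment
        m.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return m.as_bytes()

INERT_DOC = OLE2_MAGIC + b"\x00" * 64   # header bytes only, no document content
SAMPLES = {
    "lure": build("FW : 0627", "THE TIMES OF INDIA\n(Details in the attachment)", ("details.doc", INERT_DOC)),
    "renamed": build("Quarterly figures", "See attached.", ("figures.dat", INERT_DOC)),
    "benign": build("FW: lunch", "Noon works for me."),
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, triage(raw))
```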
