
Targeted attacks.

Wednesday 25 April 2007 at 3:05 pm
It seems that The Bad Guys (for some value of Bad Guys) are now carefully choosing their targets, carefully choosing personnel who work at those targets, and e-mailing trojan horses, in the form of MS Office documents, to those people in the hope that they'll open the bad files and run the exploits. The nature of the payload isn't clear in the article - it sounds like the trojans open connections to systems that the attackers control, and the attackers tunnel back through into the target networks. The scary thing is that the targets include various federal agencies, defense contractors, and (it is said) a couple of nuclear power research facilities... moreover, the attacks are coming from overseas (no surprise, really), usually China or Taiwan. The attacks come at a rate of a couple per site per week - these guys are persistent, I'll give them that.

While this isn't a 0-day technique (the theory's been around for years), this is the first time that it's been recorded as happening as part of a planned, deliberate attack against a major site. Usually you hear about it being part of a last-ditch attack against a small company, sometimes in the guise of what might be considered industrial espionage.


three comments recorded.

Well… that’s interesting.

Hasufin - 25 04 07 - 15:13

Mitnick (in his black hat days) would target specific employees in hitting a company. He’d go into the lobby and grab the company’s newsletter and read the section on new hires. Welcome Steve Jensen, our new tech support analyst! He’d then call up the newbie and social engineer a login out of him.

JB (URL) - 27 04 07 - 07:42

That’s more of a social engineering attack… he didn’t write customised trojan horses to attack the network through those people, just his innate glibness.

The Doctor (URL) - 27 04 07 - 10:56
