
MessageLabs: 13 Separate Olympic Themed Targeted Trojans

April 2008 by MessageLabs

The world’s athletes and hackers now share a
common focus - the Beijing Olympics. Whilst the athletes have a
legitimate reason to concentrate on the Games, today’s hackers are using
the 2008 Olympics for their own glory. MessageLabs revealed new research showing the frequency and locations of targeted
Trojan attacks and the tools used to avoid detection.

In the last six months MessageLabs has intercepted 13 separate
Olympic-themed attacks across several different data-rich industries.
The emails carry legitimate-sounding subject lines such as "The Beijing
2008 Torch Relay" and "National Olympic Committee and Ticket Sales
Agents", and some purport to be from the International Olympic
Committee, based in Lausanne, Switzerland. In reality, all but one
attack has been sent from an IP address within Asia Pacific.

Targeted Trojans are usually aimed at specific individuals within an
organization with the purpose of infiltrating networks for corporate
espionage. Each attack is usually small in numbers and often utilizes
social engineering techniques, such as personalization, to persuade the
recipient to open the email and attachment.

Hackers are constantly shifting to new delivery formats to hide the
malware and avoid detection by traditional anti-virus engines, and they
favor harmless-looking, common attachment types that are not blocked. In
these instances, Microsoft Office Database (MDB) files, usually hidden
within a ZIP file, are one of the latest formats to be used. Once the
MDB file has been downloaded, the MDB exploit drops an EXE file to the
disk and steals data. MessageLabs predicts that in the coming year
hackers will vary their use of formats even further, with 1-byte XOR
keys, multiple XOR keys, and ROR, ROL, ADD and SUB formats to be
exploited.
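For defenders triaging a suspicious attachment, the sketch below searches a file's bytes for an executable hidden behind one of the single-byte transforms named above. It is an added example, not MessageLabs code, and it assumes the "formats" refer to byte-wise encodings of the embedded EXE; `find_encoded_pe`, `MARKER` and the sample bytes are hypothetical names and constructed data, and the multiple-key XOR case is not covered.

```python
# Added example: hunt for a PE payload hidden with a single-byte transform.
MARKER = b"This program cannot be run in DOS mode"  # DOS stub text found in most PE files


def rol(b: int, n: int) -> int:
    """Rotate an 8-bit value left by n bits."""
    return ((b << n) | (b >> (8 - n))) & 0xFF


# Encoders as the dropper author would apply them, with the keys worth trying.
# SUB k is ADD (256 - k) and ROR n is ROL (8 - n), so three families cover all five.
ENCODERS = {
    "xor": (lambda b, k: b ^ k, range(0, 256)),  # key 0 = payload stored in the clear
    "add": (lambda b, k: (b + k) & 0xFF, range(1, 256)),
    "rol": (rol, range(1, 8)),
}


def find_encoded_pe(blob: bytes) -> list[tuple[str, int, int]]:
    """Return (scheme, key, offset) for every transform under which MARKER appears."""
    hits = []
    for scheme, (encode, keys) in ENCODERS.items():
        for key in keys:
            # Encode the short marker once instead of decoding the whole blob per key.
            needle = bytes(encode(b, key) for b in MARKER)
            offset = blob.find(needle)
            if offset != -1:
                hits.append((scheme, key, offset))
    return hits


# Constructed sample: 16 filler bytes, then a fake "MZ" header and DOS stub XORed with 0x5A.
SAMPLE = b"\x00" * 16 + bytes(b ^ 0x5A for b in b"MZ\x90\x00" + MARKER)

if __name__ == "__main__":
    for scheme, key, offset in find_encoded_pe(SAMPLE):
        print(f"{scheme} key=0x{key:02x} marker at offset {offset}")
```

A hit on any non-zero key in a document or database attachment is a strong reason to quarantine the file, since legitimate content has no reason to carry an encoded DOS stub.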

Alex Shipp, MessageLabs Senior Anti Virus Technologist and Imagineer,
issues an ominous warning to businesses: "These attacks are highly
targeted at organizations that have highly confidential and valuable
data, such as military and government bodies. Presuming that you haven’t
been targeted isn’t proof that you haven’t. The malicious EXE file can
remain undetected for several months so it may be that your organization
has been penetrated and crucial information has already leaked.
Businesses need to up their game and fortify themselves against a
dangerous new breed of hacker, Hacker 3.0, who is prepared to stop at
nothing to achieve their goal."

