E-mail Attack Uses Soccer World Cup ThemeAccording to security researchers at Symantec, a new personalized e-mail attack is running that uses the theme of 2010 FIFA World Cup to deceptively make users click on a malicious PDF file. Actually, the attachment exploits an Adobe Reader security flaw that occurs while handling TIFF files and which was patched on February 16, 2010. Anyone opening the attachment will have malware installed on his computer if it runs the flawed Adobe Reader. The soccer tournament, FIFA World Cup, is a very popular football game, which is regularly conducted and people worldwide watch it with great enthusiasm. This event will be held for the 19th time and in South Africa starting from June 11, 2010. Following an analysis of the e-mail attack, Symantec researchers have found that it maliciously exploits the intellectual property and name of Greenlife Africa, a well-known safari organizer from Africa. The organizer has released a highly useful and informative PDF guide on this World Cup that online miscreants downloaded and modified so that malware could be incorporated into it, they explain. MessageLabs (the e-mail filtering body of Symantec) reports that the miscreants then dispatched this guide in its poisoned form to a leading international organization. It adds that if the attack is successfully executed, then a backdoor Trojan and a rootlet are planted on compromised systems. Moreover, the e-mail is so worded that it seems the attackers are trying to dupe government organizations such as tourism authorities and consulates into distributing malicious PDF file to people at large via official channels. It states that the recipient may forward the e-mail to any person interested in getting the Soccer Travel Guide. But Symantec cautions that current AV applications are unable to detect PDF attachment. During 2009, malevolent PDF files accounted for 80% of the total exploits. In addition, they are an unprecedented preferred infection medium beating cyber criminals' distribution of malevolent Microsoft Office files. According to experts, users should make their Adobe software up-to-date, or possibly use a different PDF Reader. Furthermore, they should approach their browser plug-ins and third-party software in a comprehensive manner. Related article: E-Crime Reporting Format To Be Launched in July ยป SPAMfighter News - 4/6/2010 |    |
Dear Reader
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!
 |  |
