Olympic Message Masks Trojan

According to security analysts at MessageLabs, a valid attachment that contains security information for the approaching Beijing Olympics is also carrying a stealthy Trojan. secure computing published this in news on February 25, 2008.

The analysts say that the documents though seem to originate from Olympic e-mail servers, they include an embedded malware. Meanwhile, recipients found them so relevant that they forwarded the malware-infested messages to other potential victims of the Olympic committee, the researchers said after noticing the practice.

According to MessageLabs, those who opened the destructive attachment activated a zero-day code in Microsoft Word. The document would then silently run the harmful exploit on the affected system.

Commenting on the documents, Senior Architect Maksym Shipka at MessageLabs said that they are otherwise perfectly legitimate and the information is real that provided a continuous series of valid e-mail communications. SCMagazine published Shipka's statement on February 25, 2008.

Shipka also noted that the attack used such precise social engineering that the target does not only end up viewing the malicious attachments himself but also passed it to other members of the Olympic committee. This probably marks the attackers' intention for such a result, Shipka added.

Researchers further warned that techniques of social engineering are dangerous spam trends. They design messages customized to users' behavioral patterns and since the included attachment is from a trustworthy sender, the recipient thinks it to be safe.

Attacks using social engineering tactics are difficult to differentiate between the dangerous ones and the not so dangerous ones. It, therefore, means users are now required to be ever more vigilant prior to viewing or forwarding e-mail attachments, said MessageLabs analysts.

Besides, the recently published MessageLabs Intelligence Report for January 2008 indicated how spammers are increasing their skills in businesses and taking advantage of seasonal trends and current news much more commercially.

The report also indicated how cyber criminals are already exploiting the existing credit crisis and attempting to entice bargain-seeking shoppers with any big occasion like the Beijing Olympics. The report also said that spammers are increasingly using finance-related e-mail attacks and campaigns offering financial items, jobs, lottery scams and loans.

Related article: Olympic Theme trojans Target Data-Rich Industries

» SPAMfighter News - 3/1/2008