AOH :: ISNQ5864.HTM

China hacks used as lure for more targeted attacks

China hacks used as lure for more targeted attacks
China hacks used as lure for more targeted attacks


http://www.computerworld.com/s/article/9147458/China_hacks_used_as_lure_for_more_targeted_attacks?taxonomyId=17 

By Jaikumar Vijayan
Computerworld
January 22, 2010

Malicious hackers have begun using the recent cyberattacks against 
Google and more than 30 other companies as lures for launching even more 
targeted attacks, security firm F-Secure said in a blog post today.

The company reported spoofed e-mails purporting to contain details on 
the alleged Chinese attacks that contain a PDF attachment. When opened, 
it installs and runs the Acrobat.exe backdoor on the user's machine.

A screen shot posted on F-Secure's Web site showed an e-mail designed to 
look like it came from George Washington University. The e-mail, with 
the subject header 'Chinese cyberattack,' offered the target a review of 
an article on the recent attacks that the purported author had just 
written for the Far Eastern Economic Review.

When the attached PDF is opened in Acrobat Reader, it exploits a known 
vulnerability in the doc.media.newPlayer function of the reader to 
install a back door on the user's system, F-Secure said. The flaw was 
patched by Adobe last week.

[...]


________________________________________ 
Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 
http://www.infosecnews.org

Site design & layout copyright © 1986- CodeGods