All the latest UK technology news, reviews and analysis
|
|
|
21 Apr 2008
Chief executives have been warned to be on their guard against a campaign of personalised spear phishing attacks.
Reports surfaced last week of emails arriving with bogus subpoenas requesting the named chief executive to click on a link purporting to contain court documents.
The link actually leads to a plug-in that contains a Trojan with the ability to take over the victim's computer.
The reason this attack is so dangerous is that it is correctly addressed and identifies the chief executive by name.
European data security firm Norman said that the emails look very realistic and, unlike many other phishing attempts, use good grammar and spelling.
They contain the correct name of the company, the correct chief executive and can even contain the correct phone number, misleading the recipients into following the instructions.
The link, which appears to lead to the American courts, in fact leads to a server in China, and recipients are asked to install a plug-in to access the 'documents'.
By doing this the victims are in fact installing a Trojan that gives criminals access to data located on the computer.
The Trojan is installed in form of a digitally signed CAB archive which extracts a file called 'acrobat.exe'. This file installs 'acrobat.dll' that gives the Trojan access to all data that passes through the web browser and Windows Explorer.
Current reports show that an increasing number of chief executives have been targeted, and that the apparent legitimacy of the document is proving highly successful for the malware writers.
Trygve Aasland, chief executive at Norman, was one of the recipients. "This email appears legitimate and the technique is clever in that most people will want to discover the details of why and by whom they are being sued," he said.
"Fortunately I am very much aware of these attacks and we remained unaffected. But I can see how others may have been tricked into opening the link and installing the so-called plug in."
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Hands on with the highly anticipated Android 4.0 Ice Cream Sandwich hybrid tablet
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Java / J2EE analyst programmer with experience of building...
Crystal Reports Developer London or Dublin £340 per day...
Our client is a major Broadcasting company seeking a...
Support Engineer required to work for leading Online...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?