|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[ISN] 'Merry Christmas to our heroes' e-mail installs malicious code
From: InfoSec News (alerts
infosecnews.org)
Date: Wed Dec 27 2006 - 00:12:43 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9006738
By Sharon Machlis
December 24, 2006
Computerworld
A popular Christmas PowerPoint file has been modified to incorporate
malicious code that gives an attacker unauthorized access to infected
systems, iDefense warned today.
In an e-mail warning, iDefense said that the e-mail with the subject
"Merry Christmas to our hero sons and daughters!" and the attachment
Christmas+Blessing-4.ppt "silently installs a backdoor Trojan horse on
vulnerable computers." This version of the Hupigon (sometimes also
called Hupigeon) Trojan installs two files on a compromised system,
according to Ken Dunham, director of iDefense's Rapid Respones Team:
msupdate.dll (18,507 bytes) and sdfsc.dll (3 bytes).
A remote Web site used in this attack has been found on a server in
China, Dunham said.
"Details regarding the PowerPoint exploit are still unclear, but
detected by a few scanners as a possible MS06-012 exploit," Dunham
wrote. Such Microsoft Office exploits can allow remote execution of
commands on infected systems.
Attacks on Microsoft's Office software have been on the rise for months
now, Marc Maiffret, chief technology officer with security vendor eEye
Digital Security Inc., said earlier this month. Office vulnerabilities
were once released "on a monthly basis," he said.
"Now we're at the point where it's almost daily."
_____________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]