An e-mail claiming to be from the Chinese Ministry of National Defense actually contains a piece of malware that exploits a hole in Microsoft Office, says Trend Micro. July 16, 2013 7:07 AM PDT Government agencies across several countries are on the hit list of a targeted cyberattack, according to security vendor Trend Micro. Officials at agencies across Europe and Asia have been receiving an e-mail that lists the Chinese Ministry of National Defense as the source, Trend Micro revealed on Monday. But in fact, the message seems to comes from a Gmail account and uses no Chinese name. The e-mail itself is packed with a malicious attachment designed to exploit a weakness in all versions of Microsoft Office from 2003 through 2010. Microsoft actually patched this specific hole more than a year ago, so users with updated security should be safe. But what happens to those who aren't properly protected and open the attachment? The malware steals login information for Web sites and e-mail accounts from Microsoft Outlook and Internet Explorer, according to Trend Micro. The information is then forwarded to two IP addresses, both located in Hong Kong. The details in the e-mail is of particular interest to the officials targeted in the attack, luring them to open the attached file. The stolen information and the source of the attack are "very consistent" with similar attacks aimed at large organizations who use Outlook and IE, Trend Micro added. China is often on the list of usual suspects in certain types of cyberattacks. But in this case, Chinese media Web sites were also among the potential victims.
An e-mail claiming to be from the Chinese Ministry of National Defense actually contains a piece of malware that exploits a hole in Microsoft Office, says Trend Micro.
Government agencies across several countries are on the hit list of a targeted cyberattack, according to security vendor Trend Micro.
Officials at agencies across Europe and Asia have been receiving an e-mail that lists the Chinese Ministry of National Defense as the source, Trend Micro revealed on Monday. But in fact, the message seems to comes from a Gmail account and uses no Chinese name.
The e-mail itself is packed with a malicious attachment designed to exploit a weakness in all versions of Microsoft Office from 2003 through 2010. Microsoft actually patched this specific hole more than a year ago, so users with updated security should be safe.
But what happens to those who aren't properly protected and open the attachment?
The malware steals login information for Web sites and e-mail accounts from Microsoft Outlook and Internet Explorer, according to Trend Micro. The information is then forwarded to two IP addresses, both located in Hong Kong.
The details in the e-mail is of particular interest to the officials targeted in the attack, luring them to open the attached file. The stolen information and the source of the attack are "very consistent" with similar attacks aimed at large organizations who use Outlook and IE, Trend Micro added.
China is often on the list of usual suspects in certain types of cyberattacks. But in this case, Chinese media Web sites were also among the potential victims.
