'Merry Christmas to our heroes' e-mail installs malicious code
iDefense sent out a warning about the malware
Computerworld - A popular Christmas PowerPoint file has been modified to incorporate malicious code that gives an attacker unauthorized access to infected systems, iDefense warned today.
In an e-mail warning, iDefense Labs said that the e-mail with the subject "Merry Christmas to our hero sons and daughters!" and the attachment Christmas+Blessing-4.ppt "silently installs a backdoor Trojan horse on vulnerable computers." According to Ken Dunham, director of iDefense's Rapid Response Team, this version of the Hupigon (sometimes also called Hupigeon) Trojan installs two files on a compromised system: msupdate.dll (18,507 bytes) and sdfsc.dll (3 bytes).
A remote Web site used in this attack has been found on a server in China, Dunham said.
"Details regarding the PowerPoint exploit are still unclear, but detected by a few scanners as a possible MS06-012 exploit," Dunham wrote. Such Microsoft Office exploits can allow remote execution of commands on infected systems.
Attacks on Microsoft Corp.'s Office software have been on the rise for months now, Marc Maiffret, chief technology officer at security vendor eEye Digital Security Inc., said earlier this month. Office vulnerabilities were once released "on a monthly basis," he said.
"Now we're at the point where it's almost daily."
Read more about Security in Computerworld's Security Topic Center.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts