Single-victim spam attacks skyrocket

Micro-managed attacks that consist of one e-mail targeting one person are up more than 10 times over last year's levels, a message security company said Tuesday.

Other stories on this topic
A blow against pretexting . . . too late for HP 4/6/2007
After patches, Microsoft warns of PowerPoint attack 10/13/2006
Attackers targeting new PowerPoint bug 9/27/2006
Powered by Inform
RSS feed

These targeted attacks aim a very low number of spam messages -- more often than not just one -- at individuals working at companies or government agencies with data that criminals prize. Like spam that is blasted in massive quantities, these messages come with a malicious payload that tries to compromise the recipient's PC, usually by bundling multiple exploits against zero-day vulnerabilities or bugs that users haven't gotten around to patching.

In a report issued Wednesday, MessageLabs said it intercepted 716 messages from 249 targeted attacks last month; those attacks were aimed at 263 domains representing 216 customers.

Last year, said Alex Shipp, a MessageLabs research engineer, the company was seeing two a day on average. "Two years ago it was two attacks a week, last year two a day," he said.

Most of the attacks rely on malformed Microsoft Office documents, in particular Word and PowerPoint files, said Shipp. "They're not just using one exploit, but several" in a single malicious file, he added. Together, Office attack documents made up 84% of March's detected one-offs.

Those exploits are so successful, said Shipp, that one Chinese hacker gang has relied on the same two attack files since November 2006, and used the pair more than 150 times in the last five months.

Almost a fourth of March's victims were categorized by MessageLabs as Public Sector, meaning governments and governmental agencies. "All of these are data-stealing attacks," said Shipp. "They want to get information, and they all eventually use some kind of PC remote control malware to exploit the organization." Shipp declined to go into more detail, citing customer confidentiality.

Microsoft's Office suite was patched numerous times in 2006, and more fixes were released in January and February of this year for Excel and Word, respectively. PowerPoint, however, hasn't been patched since October 2006. Several PowerPoint bugs have yet to be fixed, including one acknowledged by the Microsoft Security Response Center (MSRC) last year. Because the MSRC determined that the flaw wasn't remote exploitable, however, it decided not to release a patch.   

1 | 2 |  Next >

For more enterprise computing news, visit Computerworld. Story copyright Computerworld, Inc.
Recent News:
· Feds draw a bead on Russian behind Mega-D botnet
· Ransomware Attack Resurfaces to Hold Files Hostage
· Adobe Reader X Makes PDF Files Safer
· PayPal Users Beware of Holiday Phishing Scam
· McAfee Reports Malware at All-Time High
Site Map | Recent News | Related Sites

Copyright © 2006 EmailSafety.net - All Rights Reserved.