Tuesday December 2, 2008 4:33 AM AEST

SC Magazine Australia/NZ > News > Breaches & Exposures > Identity > Taiwanese gang exploits Microsoft Word

Vulnerability Alerts

SANS

Microsoft

MS07-068 - Critical: Vulnerability in Windows Media File Format Could Allow Remote Code Execution (941569 and 944275) - Version:2.3
MS07-005: Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (923723) - Version:2.0

CERT/CC

Latest Comments

"Concerned man's comments seem to intimate that if I'm using agents all will be well but the ..."

on Shavlik Technologies to broaden its patch management offerings

by Werner K | Nov 26, 2008 8:36 PM

"That will enhance Microsoft Office system, including SharePoint - good platform for enterprise ..."

on Companies have security to consider with in-the-cloud Office

by SGE | Nov 25, 2008 3:29 PM

"how many users allow per session? because the digital persona password manager allows only 10 ..."

on DigitalPersona Pro Workstation/Pro Server

by Daniel | Nov 25, 2008 12:14 AM

"security through obscurity...shows how detached HIPAA is from reality."

on Privacy breaches causing business instability

by priceOfFishInChina | Nov 20, 2008 1:19 PM

"I have been the recipient of Agent.JEN.Trojan through an email suggesting a UPS parcel (including..."

on Trojan disguised as UPS delivery note

by Vincent Laing | Nov 13, 2008 4:01 PM

Identity

Taiwanese gang exploits Microsoft Word

By Fiona Raisbeck
May 22, 2007 10:43 AM
Tags: Report: | Taiwanese | gang | continues | exploits

The study found that Microsoft Word has become an increasingly attractive target for hackers.

Such attacks soared from just four attacks in March to 66 attacks going to 273 recipients in April. According to Alex Shipp, senior anti-virus technologist at MessageLabs, using Word documents is a powerful way to launch these attacks, because they are a popular tool, used by a huge number of people in an uncomplicated format.

The research also reveals that the email security company intercepted 595 messages in 249 separate targeted attacks aimed at 192 different organisations. Of these, 180 were one-on-one targeted attacks. These figures represent a drop compared to March largely due to a decrease in attacks by the Taiwanese gang, MessageLabs claim.

PowerPoint attacks also slumped in April; however the same Asian ring made assaults using the CVE-2006-0022 exploit. Furthermore, an additional attack using the same PowerPoint exploit, but originating from an IP address in China hints that another cyber gang is in operation, according to Shipp.

"This month we saw a significant surge in documents using the CVE-2006-2492 exploit," he said.

"On first sight, it appears that more than one hacker ring is using this Microsoft Word exploit, and so an exploit generator kit might exist, although this has not yet been found."

Ads by Google

Thoughts on this article? Add a comment below.

Be the first to comment on this article.

Report this comment as offensive:

* Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.

Name:

Email:

(will not be displayed)

Comment:

(HTML not permitted)

Validation

Enter the code you see below:

Most Read
Most Discussed
Latest News

Breaches & Exposures Whitepapers

Taiwanese gang exploits Microsoft Word

Sponsored Links

SC MAGAZINE SITEMAP

CATEGORIES

News

Alerts

Products

Stats

Blogs

Photo Galleries

Whitepapers

Events

Jobs

Downloads

Vulnerabilities & Exploits

Breaches & Exposures

Messaging

Mobile

Access Control

Biometrics & Forensics

Legal

Risk Management

Job Centre

Patch Management