April 23, 2008 11:12 AM PDT

At least 13 Olympics-theme Trojan horses seen (so far)

by Robert Vamosi

Once again, criminal hackers are targeting a worldwide event to deposit their malicious software on victims' PCs, according to one security vendor.

Within the last six months, MessageLabs has found at least 13 new Trojan horse programs associated with e-mails bearing subjects such as "The Beijing 2008 Torch Relay" and "National Olympic Committee and Ticket Sales Agents."

According to a MessageLabs representative, the problem is that the hackers' e-mail messages carry a Microsoft Office database file embedded within the zipped attachment. Microsoft said in a recent security advisory that customers not running Windows Vista or Windows Server 2003 are vulnerable, and that remote attackers could gain full access to a compromised machine.

Once the malicious code is installed, an attacker could steal personal data. MessageLabs further predicts that malicious-code writers will change formats by using a 1-byte XOR key, multiple XOR keys, and ROR, ROL, ADD, and SUB formats.
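One way a mail-gateway or triage script can look for an executable hidden inside an attachment with the single-byte transforms named above (added example, not from the article or from MessageLabs). It assumes the hidden payload is a Windows PE file that still carries the standard DOS-stub string, uses constructed sample bytes, and does not cover multi-byte XOR keys.

```python
# Added example: find a PE DOS-stub string hidden by a single-byte transform.
# Instead of decoding the whole file 500+ times, encode the short marker
# under every candidate transform and search for each encoded form.
MARKER = b"This program cannot be run in DOS mode"

def rol(b, n):
    """Rotate an 8-bit value left by n bits."""
    return ((b << n) | (b >> (8 - n))) & 0xFF

def encoders():
    """Yield (name, key, per-byte encoder) for each candidate transform."""
    for k in range(1, 256):
        yield "xor", k, (lambda b, k=k: b ^ k)
    for k in range(1, 256):
        # ADD k on encode; SUB k is the same transform as ADD (256 - k).
        yield "add", k, (lambda b, k=k: (b + k) & 0xFF)
    for n in range(1, 8):
        # ROL n on encode; ROR n is the same transform as ROL (8 - n).
        yield "rol", n, (lambda b, n=n: rol(b, n))

def scan(data, marker=MARKER):
    """Return [(transform, key, offset)] for every encoded marker hit in data."""
    hits = []
    for name, key, enc in encoders():
        needle = bytes(enc(b) for b in marker)
        pos = data.find(needle)
        while pos != -1:
            hits.append((name, key, pos))
            pos = data.find(needle, pos + 1)
    return hits

# Constructed samples: a fake DOS stub behind filler bytes, encoded two ways,
# plus a benign blob with no hidden executable.
_stub = b"MZ" + b"\x00" * 62 + MARKER + b".\r\n$"
SAMPLE_XOR = b"\x11" * 40 + bytes(b ^ 0x5A for b in _stub)
SAMPLE_ROL = b"\x22" * 10 + bytes(rol(b, 3) for b in _stub)
SAMPLE_CLEAN = b"Standard Jet DB" + b"\x00" * 100

if __name__ == "__main__":
    for label, blob in [("xor", SAMPLE_XOR), ("rol", SAMPLE_ROL), ("clean", SAMPLE_CLEAN)]:
        print(label, scan(blob))
```

A hit gives the transform, the key, and the offset of the encoded string, which is enough to flag the attachment for analysis.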

The e-mails, however, are not random. MessageLabs says the Trojan horses are often targeted to individuals within a specific organization in an attempt to gain access to the corporate network. This practice is known as "spear phishing."

So far, such attacks appear to be a corporate threat, as opposed to an individual threat.

Research from MessageLabs shows that while the e-mails state that they come from the International Olympic Committee in Switzerland, most have IP addresses based in Asia.

As CNET's resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security. Listen to his podcast at securitybites.cnet.com or e-mail Robert with your questions and comments.