News

Cybercriminals use China attacks on Google as lure

Cybercriminals are exploiting the recently announced China-based cyber attacks against Google and more than 20 other companies as a lure for carrying out further targeted attacks.

The attackers are sending out e-mails that claim to contain details of the Google attacks in a PDF attachment, according to a blog post by security firm F-Secure.

The e-mails appear to come from legitimate sources, but when the attachment is opened, it exploits a known vulnerability in Adobe Reader and Acrobat software to install a back door.

Anyone clicking on the link will be vulnerable to the attack if they have not updated their Acrobat software with the patch released by Adobe on 12 January.

The affected versions of the software are Adobe Reader 9.2 and Acrobat 9.2, Adobe Reader 8.1.7 and Acrobat 8.1.7 for Windows and Macintosh, and Adobe Reader 9.2 for Unix.

Adobe has warned that these vulnerabilities could be used to execute code on affected computers or cause systems to crash.

F-Secure has also reported similar targeted attacks using malicious PDF files sent to US military contractors, in which the e-mails were crafted to look like they were from the US Air Force.

The attacks demonstrate a shift to more carefully crafted malicious e-mails targeted at specific individuals or groups.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy