Cybercriminals use China attacks on Google as lure


Cybercriminals use China attacks on Google as lure

Warwick Ashford

Cybercriminals are exploiting the recently announced China-based cyber attacks against Google and more than 20 other companies as a lure for carrying out further targeted attacks.

The attackers are sending out e-mails that claim to contain details of the Google attacks in a PDF attachment, according to a blog post by security firm F-Secure.

The e-mails appear to come from legitimate sources, but when the attachment is opened, it exploits a known vulnerability in Adobe Reader and Acrobat software to install a back door.

Anyone clicking on the link will be vulnerable to the attack if they have not updated their Acrobat software with the patch released by Adobe on 12 January.

The affected versions of the software are Adobe Reader 9.2 and Acrobat 9.2, Adobe Reader 8.1.7 and Acrobat 8.1.7 for Windows and Macintosh, and Adobe Reader 9.2 for Unix.

Adobe has warned that these vulnerabilities could be used to execute code on affected computers or cause systems to crash.

F-Secure has also reported similar targeted attacks using malicious PDF files sent to US military contractors, in which the e-mails were crafted to look like they were from the US Air Force.

The attacks demonstrate a shift to more carefully crafted malicious e-mails targeted at specific individuals or groups.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy