Malware campaign strikes Asian, European governments

Trend Micro says it detected a targeted attack that sent malware-laden emails to representatives of 16 European countries and some Asian governments.

The bogus emails purported to come from China’s defense ministry and contained a malicious attachment that exploited a now-patched vulnerability in Microsoft Office versions 2003 to 2010, wrote¬†Jonathan Leopando, a technical communications specialist with Trend Micro.

Microsoft patched the vulnerability in Office, CVE-2012-0158, more than a year ago although attackers are still frequently targeting it, including in the Safe and Taidoor campaigns, Leopando wrote.

If the email attachment is opened on an unpatched computer, a “backdoor” program is then installed that steals login credentials for websites and email credentials from Internet Explorer and Microsoft Outlook, Leopando wrote.

SOURCE: pcworld.com

Information Security Buzz