The email attack claimed to be from a government department and contained a malicious trojan hidden within a Microsoft PowerPoint slideshow file.
Both the file name and body of the email indicated images of a Hummer in Iraq with the sender’s email address hoaxing an Australian government mail server, said Andrew Antal, country manager MessageLabs.
“We believe the intention was to confuse email AV security scanners into letting the email through. The inserted section of the email header attempted to show the email had already passed safely through the MessageLabs infrastructure,” he said.
Antal claimed the email attack, sent to a number of other domains within the Australian government, corporate and private sectors was stopped by MessageLabs’ heuristic scanner, Skeptic.
According to Antal, while targeted attacks in Australia aren’t unusual, this one was particularly sinister in that the attacker distributed the email as a “reply all” to the recipients of the legitimate email sent four days earlier, spoofing the senders email address.
“In doing so each of the recipients would regard the email as coming from a trusted source,” he said.
Aussie Govt. mail server targeted for attack
By Lilia Guan, CRN on May 20, 2008 2:57PM