
According to Alex Shipp, senior anti-virus technologist at MessageLabs, using Word documents is a powerful way to launch these attacks, because they are a popular tool, used by a huge number of people in an uncomplicated format.
The research also reveals that the email security company intercepted 595 messages in 249 separate targeted attacks aimed at 192 different organisations. Of these, 180 were one-on-one targeted attacks.
These figures represent a drop compared to March largely due to a decrease in attacks by the Taiwanese gang, MessageLabs claim.
PowerPoint attacks also slumped in April; however the same Asian ring made assaults using the CVE-2006-0022 exploit. Furthermore, an additional attack using the same PowerPoint exploit, but originating from an IP address in China hints that another cyber gang is in operation, according to Shipp.
“This month we saw a significant surge in documents using the CVE-2006-2492 exploit,” he said. “On first sight, it appears that more than one hacker ring is using this Microsoft Word exploit, and so an exploit generator kit might exist, although this has not yet been found.”