iTnews

Taiwanese gang exploits Microsoft Word

By Fiona Raisbeck on May 22, 2007 10:43AM
Taiwanese gang exploits Microsoft Word

A Taiwanese criminal gang continues to launch attacks as Microsoft Word becomes the most common exploit vector, latest figures by MessageLabs show.

The study found that Microsoft Word has become an increasingly attractive target for hackers.

Such attacks soared from just four attacks in March to 66 attacks going to 273 recipients in April. According to Alex Shipp, senior anti-virus technologist at MessageLabs, using Word documents is a powerful way to launch these attacks, because they are a popular tool, used by a huge number of people in an uncomplicated format.

The research also reveals that the email security company intercepted 595 messages in 249 separate targeted attacks aimed at 192 different organisations. Of these, 180 were one-on-one targeted attacks. These figures represent a drop compared to March largely due to a decrease in attacks by the Taiwanese gang, MessageLabs claim.

PowerPoint attacks also slumped in April; however the same Asian ring made assaults using the CVE-2006-0022 exploit. Furthermore, an additional attack using the same PowerPoint exploit, but originating from an IP address in China hints that another cyber gang is in operation, according to Shipp.

"This month we saw a significant surge in documents using the CVE-2006-2492 exploit," he said.

"On first sight, it appears that more than one hacker ring is using this Microsoft Word exploit, and so an exploit generator kit might exist, although this has not yet been found."
Got a news tip for our journalists? Share it with us anonymously here.
Tags:
continues exploits gang report security taiwanese

Partner Content

Putting cyber security basics in place
Partner Content Putting cyber security basics in place
What conversations should executives be having about cyber security?
Partner Content What conversations should executives be having about cyber security?
One way SD-WAN can save business leaders' time
Partner Content One way SD-WAN can save business leaders' time
Resetting cyber security for the new threat landscape
Partner Content Resetting cyber security for the new threat landscape

Sponsored Whitepapers

Is the technology refresh dead?
Is the technology refresh dead?
DevSecOps: A framework for digital innovation
DevSecOps: A framework for digital innovation
Encryption: Protect your most critical data
Encryption: Protect your most critical data
Overcoming data security challenges in a hybrid, multicloud world
Overcoming data security challenges in a hybrid, multicloud world
Move beyond passwords
Move beyond passwords

Events

  • On-Demand Webinar: How Poly and Microsoft are Embracing Future Work Environments
  • [Webinar] - Transformation versus compliance – a guide for CXOs
  • Masters of Microsoft Licensing
By Fiona Raisbeck
May 22 2007
10:43AM
0 Comments

Related Articles

  • Geolocation threats rise following demonstration of router hacking that can pinpoint a person's home
  • Govt to set infosec standards industry-by-industry: report
  • Civil groups want EU lawmakers to boost privacy rights in planned WhatsApp, Skype rules
  • Australian cyber security consultancy reportedly helped unlock San Bernardino iPhone
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Aussie Broadband to white label its services

Aussie Broadband to white label its services
Vodafone hit by nationwide 4G outage

Vodafone hit by nationwide 4G outage
ATO loses its cyber security chief

ATO loses its cyber security chief
Virgin Australia rebuilds its IT leadership team

Virgin Australia rebuilds its IT leadership team
You must be a registered member of iTnews to post a comment.
Log In | Register
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.