Today, our friends at Trend Micro blogged about a new attack vector using Microsoft Word documents. We saw this as well last week, and have written a detection for the dropped trojan.
It�s not just a �lawsuit� that�s being spammed, we also picked up another form of this attack in our honeypots over the weekend:
When you open the Word document, you see a �PDF�, but it�s actually not. It�s a JPG, which links to an executable.
In Word 2007, it�s kind of like the Amish virus: The user has to really want to get infected.
Latest VirusTotal detection here.
Alex Eckelberry
No comments:
Post a Comment