Targeted WMF email attacks

Our colleagues and business partners at Messagelabs have stopped a very interesting WMF attack today. A new WMF exploit file was spammed from South Korea to a targeted list of a few dozen high profile email addresses.

The email urged recipients to open the enclosed MAP.WMF file which exploited the computer and downloaded a backdoor from www.jerrynews[dot]com.

What makes the case really interesting was the cloak-and-dagger language used in the email which was spoofed to originate from US State Department's security unit. F-Secure : News from the Lab

Linked by shanmuga Monday, 2nd January 2006 9:42PM