Cyberattack aims at government agencies in Asia, Europe

An e-mail claiming to be from the Chinese Ministry of National Defense actually contains a piece of malware that exploits a hole in Microsoft Office, says Trend Micro.

Government agencies across several countries are on the hit list of a targeted cyberattack, according to security vendor Trend Micro.

Officials at agencies across Europe and Asia have been receiving an e-mail that lists the Chinese Ministry of National Defense as the source, Trend Micro revealed on Monday. But in fact, the message seems to comes from a Gmail account and uses no Chinese name.

The e-mail itself is packed with a malicious attachment designed to exploit a weakness in all versions of Microsoft Office from 2003 through 2010. Microsoft actually patched this specific hole more than a year ago, so users with updated security should be safe.

But what happens to those who aren't properly protected and open the attachment?

The malware steals log-in information for Web sites and e-mail accounts from Microsoft Outlook and Internet Explorer, according to Trend Micro. The information is then forwarded to two IP addresses, both located in Hong Kong.

The details in the e-mail is of particular interest to the officials targeted in the attack, luring them to open the attached file. The stolen information and the source of the attack are "very consistent" with similar attacks aimed at large organizations who use Outlook and IE, Trend Micro added.

China is often on the list of usual suspects in certain types of cyberattacks. But in this case, Chinese media Web sites were also among the potential victims.

Featured Video
6
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

The problem with Amazon Dash buttons

Limits on choice mean new shopping gadget won't click for everyone. Bridget Carey explains how the buttons work, and the rule changes for sharing your Prime perks with others.

by Bridget Carey