Cyberattack aims at government agencies in Asia, Europe

An e-mail claiming to be from the Chinese Ministry of National Defense actually contains a piece of malware that exploits a hole in Microsoft Office, says Trend Micro.

Lance Whitney Contributing Writer
Lance Whitney is a freelance technology writer and trainer and a former IT professional. He's written for Time, CNET, PCMag, and several other publications. He's the author of two tech books--one on Windows and another on LinkedIn.
Lance Whitney

Government agencies across several countries are on the hit list of a targeted cyberattack, according to security vendor Trend Micro.

Officials at agencies across Europe and Asia have been receiving an e-mail that lists the Chinese Ministry of National Defense as the source, Trend Micro revealed on Monday. But in fact, the message seems to comes from a Gmail account and uses no Chinese name.

The e-mail itself is packed with a malicious attachment designed to exploit a weakness in all versions of Microsoft Office from 2003 through 2010. Microsoft actually patched this specific hole more than a year ago, so users with updated security should be safe.

But what happens to those who aren't properly protected and open the attachment?

The malware steals log-in information for Web sites and e-mail accounts from Microsoft Outlook and Internet Explorer, according to Trend Micro. The information is then forwarded to two IP addresses, both located in Hong Kong.

The details in the e-mail is of particular interest to the officials targeted in the attack, luring them to open the attached file. The stolen information and the source of the attack are "very consistent" with similar attacks aimed at large organizations who use Outlook and IE, Trend Micro added.

China is often on the list of usual suspects in certain types of cyberattacks. But in this case, Chinese media Web sites were also among the potential victims.