NEWS FROM THE LAB - Friday, April 18, 2008

E-spionage Posted by Sean @ 17:35 GMT

Espionage Trojans:

On Monday SANS Internet Storm Center wrote about a targeted attack against CEOs. The e-mail messages were directly sent to senior corporate executives and properly identified them by name. The message claimed their testimony was required in a corporate lawsuit. If they clicked through on the link to read the supposed subpoena they were then asked to install a file.

And if they ran the file? Then they were really installing a trojan-spy designed to steal certificates. Here's the description of what we detect as Trojan-Spy:W32/Small.BSL.

On Wednesday Dan Goodin reported that the attack repeated itself with some additional successes.

We've been watching the evolution of targeted attacks for about two years now. Hopefully this recent press coverage helps to shed some light on a very serious issue.

One of our recent posts linked to the Businessweek article "The New E-spionage Threat". If you haven't read it yet, take the time to do so this weekend.

No time? Then at least grab yourself their Behind the Cover podcast from here.