No One is Safe from Curiosity

Sensei Post in Identity Theft

The British Parliament was attacked late last year by hackers who tried to exploit a recent serious Microsoft Windows flaw (WMF exploit), security experts confirmed on Friday, January 20. MessageLabs, the e-mail-filtering provider for the UK government, said that targeted e-mails were sent to various individuals within government departments in an attempt to take control of their computers. The e-mails harbored an exploit for the Windows Meta File (WMF) vulnerability. The attack occurred over the Christmas period and came from China, said Mark Toshack, manager of antivirus operations at MessageLabs, who added that the e-mails were intercepted before they reached the government’s systems.
The vulnerability with the way that WMF images are handled by Windows was discovered in November 2005. In a WMF attack, exploit code is hidden within a seemingly normal image that can be spread via e-mail or instant messages. The attack was individually tailored and sent to 70 people in the government, MessageLabs said. It played on people’s natural curiosity by purporting to come from a government security organization. The Trojan was hidden as an attachment called “map.wmf”.
It is nice to see that the UK governments IT department was aware of this vulnerability and that they took defensive action to avoid it!

Please follow and like us:
« Prev: :Next »