Malware Trojan Targets Windows 8 Users Via Google Docs

On Friday, security firm Symantec discovered a Trojan called Backdoor.Makadocs, which in typical backdoor Trojan fashion accesses a compromised system and attempts to swipe data from it. The interesting bit is that it uses Google Docs as a proxy server to get around firewalls and connect to a C&C server, instead of attempting to connect directly.

Using social engineering tactics to engage a user’s interest in the file, the Trojan arrives as a Rich Text Format (RTF) or Microsoft Word document; when a user opens it, the payload is delivered.

Essentially all versions of Windows are affected, from Windows 95 to Windows 7 (and Windows Server 2003 and 2008), and now Symantec says that the malware has been updated to add Windows 8 and Windows Server 2012 to the list, too.

Backdoor.Makadocs

Fortunately for most users, Backdoor.Makadocs appears to be aimed primarily at folks in Brazil. Still, be aware of any suspicious-looking documents, and if you’re a Symantec user, this particular malware will show up as “Trojan.Dropper”.

There's no doubt that this isn't the last piece of malware aimed at Windows 8; every time a new operating system hits the market, it brings with it a fresh batch of nasty software trying to find and exploit vulnerabilities. Fortunately, Windows 8 is handling security fairly well thus far
Via:  Symantec

blog comments powered by Disqus