On Friday, security firm Symantec
discovered a Trojan
called Backdoor.Makadocs, which in typical backdoor Trojan fashion accesses a compromised system and attempts to swipe data from it. The interesting bit is that it uses Google Docs
as a proxy server to get around firewalls and connect to a C&C server, instead of attempting to connect directly.
Using social engineering tactics to engage a user’s interest in the file, the Trojan arrives as a Rich Text Format (RTF) or Microsoft Word document; when a user opens it, the payload is delivered.
Essentially all versions of Windows are affected, from Windows 95 to Windows 7 (and Windows Server 2003 and 2008), and now Symantec says that the malware has been updated to add Windows 8 and Windows Server 2012 to the list, too.
Fortunately for most users, Backdoor.Makadocs appears to be aimed primarily at folks in Brazil. Still, be aware of any suspicious-looking documents, and if you’re a Symantec user, this particular malware will show up as “Trojan.Dropper”.
There's no doubt that this isn't the last piece of malware aimed at Windows 8; every time a new operating system hits the market, it brings with it a fresh batch of nasty software trying to find and exploit vulnerabilities. Fortunately, Windows 8 is handling security fairly well thus far