Malware Trojan Targets Windows 8 Users Via Google Docs

rated by 0 users
This post has 5 Replies | 0 Followers

Top 10 Contributor
Posts 26,155
Points 1,185,205
Joined: Sep 2007
ForumsAdministrator
News Posted: Sun, Nov 18 2012 12:16 PM
On Friday, security firm Symantec discovered a Trojan called Backdoor.Makadocs, which in typical backdoor Trojan fashion accesses a compromised system and attempts to swipe data from it. The interesting bit is that it uses Google Docs as a proxy server to get around firewalls and connect to a C&C server, instead of attempting to connect directly.

Using social engineering tactics to engage a user’s interest in the file, the Trojan arrives as a Rich Text Format (RTF) or Microsoft Word document; when a user opens it, the payload is delivered.

Essentially all versions of Windows are affected, from Windows 95 to Windows 7 (and Windows Server 2003 and 2008), and now Symantec says that the malware has been updated to add Windows 8 and Windows Server 2012 to the list, too.

Backdoor.Makadocs

Fortunately for most users, Backdoor.Makadocs appears to be aimed primarily at folks in Brazil. Still, be aware of any suspicious-looking documents, and if you’re a Symantec user, this particular malware will show up as “Trojan.Dropper”.

There's no doubt that this isn't the last piece of malware aimed at Windows 8; every time a new operating system hits the market, it brings with it a fresh batch of nasty software trying to find and exploit vulnerabilities. Fortunately, Windows 8 is handling security fairly well thus far
  • | Post Points: 50
Top 500 Contributor
Posts 164
Points 1,630
Joined: Nov 2010
MCaddick replied on Sun, Nov 18 2012 5:06 PM

"Fortunately for most users, Backdoor.Makadocs appears to be aimed primarily at folks in Brazil."

Brazil is the 5th largest country in the world, so the 'fortunately' thing is far from apt.

  • | Post Points: 35
Top 200 Contributor
Posts 385
Points 3,845
Joined: Jun 2011
RTietjens replied on Sun, Nov 18 2012 5:28 PM

"Using social engineering tactics to engage a user’s interest in the file,"

In other words, like most Trojans, this one appeals to greed and hormones to get users to do something that is obviously stupid.

  • | Post Points: 5
Top 25 Contributor
Posts 3,586
Points 54,885
Joined: Jul 2004
Location: United States, Massachusetts
ForumsAdministrator
MembershipAdministrator
Dave_HH replied on Sun, Nov 18 2012 11:26 PM

I don't think that statement was any slight against Brazil but more that it was localized versus a wide spread attack.

Editor In Chief
http://hothardware.com


  • | Post Points: 5
Not Ranked
Posts 13
Points 155
Joined: Nov 2012
Location: Michigan
kylevasher replied on Mon, Nov 19 2012 12:01 AM

If you know what you're doing, you shouldn't have to worry about this. Unfortunately most users don't have a clue.

  • | Post Points: 5
Top 200 Contributor
Posts 354
Points 3,075
Joined: Aug 2012
Location: Canada
Kidbest100 replied on Mon, Nov 19 2012 12:34 AM

Another reason not to get 8!

:D

I use google docs regularly... So I'm glad I dont have windows 8, thats for sure.

PC Specs:

  • AMD Athlon 64 x2 6400+  Cooled by a Cooler Master Hyper 212 Plus (push-pull)
  • 2GB DDR2
  • MSI Radeon HD 6450 2GB
  • Stock Dell motherboard
  • 250Gb HDD
  • XFX Pro Core edition 650W PSU
  • Stock Dell inspiron case

 

  • | Post Points: 5
Page 1 of 1 (6 items) | RSS