[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
Henry Bremridge wrote: > > Interesting article in the Economist about the recent stories of > China spying on the West. What the attackers apparently did was to > send fake emails with trojans. The twist was they faked: - The > sender, to be a known friend - The style of writing and preferred > topics - The attachment was something known to be of interest > > ie a specific trojan aimed at one person > > sorry was reading the paper version but the full story should be > available at www.economist.com under "a chinese ghost in the machine" Interesting story, but the approach is hardly novel. cDc's BO came with a tool to embed itself in arbitrary executables, so you just found a program of interest to the target, wrapped it and sent it to them, and BO became a play thing for every school kid interested in computers at the time. It does highlight the importance of preventative approaches, virus signature checking is pointless if the malware was made specially for the occasion. I'm often surprised at the lack of serious infrastructure security measures at large enterprises, I think I've only seen one major corporation where it would have been challenging for any malware that did get installed to create a tunnel back to anywhere else on the Internet. -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html