Criminal ring continues attacks

23/05/2007

A criminal ring based in Taiwan has continued to make email attacks during March and April, according to MessageLab.

The ring, known as 'Task Briefing' after the subject line of the emails it uses, continued to make attacks during April using the PowerPoint exploit CVE-2006-0022, the web security services firm found.

It also continued to make attacks using Microsoft Word documents that contain SmartTag exploit, CVE-2006-2492.

Such attacks have increased substantially since March 2007, from four attacks going to four single recipients, to 66 attacks going to 273 recipients in April.

Alex Shipp, senior anti-virus technologist at MessageLabs said: 'This month we saw a significant surge in documents using the CVE-2006-2492 exploit.

'On first sight, it appears that more than one hacker ring is using this Microsoft Word exploit, and so an exploit generator kit might exist, although this has not yet been found,' he added.

Last month MessageLabs intercepted 595 emails in 249 separate targeted attacks aimed at 192 different organizations.

Of these, 180 were one-on-one targeted attacks.
ADNFCR-8000120-ID-18158407-ADNFCR