Top executives face personal malware threat

Top executives face personal malware threat

Summary: Hackers have created a botnet that has sent personally crafted emails to 500 C-level executives in a bid to extract confidential company data

SHARE:
TOPICS: Security
0

Hackers have targeted 500 key business executives in what is believed to be the first mass-targeted malware attack, according to security vendor MessageLabs.

Targeted attacks aim to bypass security measures by individually addressing emails, which often contain zero-day exploits.

On 26 June, MessageLabs intercepted more than 500 individual email attacks targeted at individuals in senior management positions in a variety of organisations around the world. Normally MessageLabs sees approximately 10 targeted attacks per 200 million emails per day, said Mark Sunner, MessageLabs' chief security analyst.

The malicious emails contain the name and job title of the victim in the subject line. The vertical sector most targeted was banking and finance, with chief investment officers being targeted in 30 percent of the attacks, according to Sunner. However, other verticals were also targeted. Eleven percent of the intended victims were chief executive officers, while six percent were chief finance officers.

Sentry Posts Blog

Sentry Posts Blog

Guarding the network

What you need to know — and what you and your peers have to tell us — about security management in our new community group blog

Read more

Sunner said that the executives being targeted were perhaps "not that tech savvy". In the attacks, an executable file was embedded in a Word document. If the victim opened the document and clicked on a link, the file would have run a data-stealing Trojan that relied on creating buffer overflow conditions in Office documents.

MessageLabs said it did not know who had perpetrated the attack. "It's a certainty that some executives were compromised," said Sunner.

The intended victims' PAs, spouses and relatives were also targeted by name, in attempt to infect other computers related to the victim. The intent was to indirectly gain access to confidential correspondence and intellectual property relating to the target, said MessageLabs.

Sunner said he suspected the hackers harvested the information using search and social-networking sites. "Someone somewhere has really done their homework," said Sunner.

Topic: Security

Tom Espiner

About Tom Espiner

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion