Those G20 Briefings in Your Inbox May Be Laced With Spyware

[InfoSec News <alerts () infosecnews org>]

http://www.nextgov.com/cybersecurity/2013/09/are-your-g20-briefings-laced-spyware/69888/

By Aliya Sternstein
Nextgov.com
September 4, 2013

Infected emails seemingly bearing feedback on UK government draft G20 
briefings -- that actually steal data -- are targeting government 
officials and economic development leaders ahead of this week's global 
summit in Russia, researchers say. Spearphishing campaigns that coincide 
with the G20 are common, but this time researchers are questioning whether 
the documents might truly be genuine.

According to cybersecurity firm Symantec, a brief message in the body of 
the email thanks the recipient for circulating a series of "building 
block" documents on various global issues and new UK feedback on the 
documents.

"What is interesting about these documents is that each of them has track 
changes enabled and contains the reported comments from the UK called out 
in the original email," Symantec researcher Satnam Narang writes in a blog 
post. "At this time, we cannot verify the authenticity of these documents, 
but from our observation, modifications were made to them earlier this 
month, which states that they were last modified by a user named 'UK 
Government."

The five files are labeled "UKcomments," "UK-Building Block_DEVELOPMENT," 
"UK-Building Block_EMPLOYMENT," "UK-Building Block_ANTICORRUPTION" and 
"UK-Building Block_TRADE.

[...]



--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/