MessageLabs said it has intercepted a Trojan specifically targeted at Australian domains.
Click to enlarge
The email attack claimed to be from a government department and contained a malicious Trojan hidden within a Microsoft PowerPoint slideshow file.
Both the file name and body of the email indicated images of a Hummer in Iraq with the sender’s email address hoaxing an Australian government mail server.
Andrew Antal, Country Manager MessageLabs said, “The attacker attempted to fake the route of the email by inserting headers from a legitimate email sent four days before which was captured by the attacker. We believe the intention was to confuse email AV security scanners into letting the email through.”
The email attack, sent to a number of other domains within the Australian government, corporate and private sectors was stopped by MessageLabs’ heuristic scanner, Skeptic.
Antal added that, “While we have seen targeted attacks in Australia before, this one was particularly sinister in that the attacker distributed the email as a “reply all” to the recipients of the legitimate email sent four days earlier, spoofing the senders email address. In doing so each of the recipients would regard the email as coming from a trusted source”