Skip to main content

Tibetan letter attacks target Windows PC

Trendmicro (opens in new tab) has published details of a targeted attack which uses social engineering to fool its victims into opening a Word Document which contain malicious codes.

The Word files are sent as attachments via email. It is not known whether the malicious code can be deactivated when opened with a non MS Word word processor - or Google Apps.

ComputerWorld (opens in new tab) understands that a vulnerability in parsing Microsoft Word system's file format is exploited by the criminals.

According to Research Project Manager Ivan Macalintal, the documents contain real press releases and news articles that are related to groups and organisations supporting the Tibetan government in exile.

The author of the blog, Jake Soriano, said that social engineering technique has been seen previously, adding "In October, a Trojan detected as TROJ_MDROPPER.WI also rode on the newsworthiness of the monk-led protests in Myanmar by arriving as an attachment to spam, which purported to be a message of support from the Dalai Lama to the monks. The said technique is also a familiar one from WORM_NUWAR’s book: leveraging on headline-grabbing events to facilitate its propagation."

Désiré Athow

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website building and web hosting when DHTML and frames were en vogue and started writing about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium. Following an eight-year stint at where he discovered the joys of global tech-fests, Désiré now heads up TechRadar Pro. Previously he was a freelance technology journalist at Incisive Media, Breakthrough Publishing and Vnunet, and Business Magazine. He also launched and hosted the first Tech Radio Show on Radio Plus.