An e-mail claiming to be from the Chinese Ministry of Defense actually contains a piece of malware that exploits a hole in Microsoft office, says Trend Micro.
Government agencies across several countries are on the hit list of a targeted cyber attack according to security vendor Trend Micro.
Officials at agencies across Europe and Asia have been receiving an e-mail that list the Chinese Ministry of National Defense as the source, Trend Micro revealed on Monday. But in fact the message seems to come from a Gmail account and uses no Chinese names.
The e-mail itself is packed with a malicious attachment designed to exploit a weakness in all versions of Microsoft office from 2003-2010, Microsoft actually packed this hole a year ago so users with updated Security Essentials should be safe.
But what happens to those who aren’t protected properly and open the attachment? The malware steals Log-in information for websites and e-mail accounts from Microsoft outlook and Internet Explorer according to Trend Micro. After that the information is forwarded to two IP addresses both located in Hong Kong.
China is often on the list of usual suspects in certain types of cyber attacks, but in this case Chinese Media web sites were among those affected by the malware and fell victim to it.