Increase in Attacks Against Military Contractors

Spiked PDF CFP FormIf you haven’t noticed, there have been a lot of attacks against major government contractors lately. As you can imagine this affects many of the infosec pros around DC looking to make a name for themselves. Lockheed, Northrop, Booz, … I’m sure many of us have been affected in one way or another. The most recent story to hit the wire is of a CFP, shown at right, disguised in a spiked PDF document. Open it and you get a real-looking CFP form. Unfortunately, you are also being p0wned. Specifically, your machine connects back to the attacker so he can do his tidings. Be careful out there…

via Net-Security.org

The last few months have seen a lot of cyber attacks aimed at U.S. military contractors and they are still ongoing.

F-Secure researchers have recently spotted an email obviously directed at military contractors’ employees, which contains a malicious .pdf attachment.

“When opened in Adobe Reader, it exploits a known Javascript vulnerability and drops a file called lsmm.exe,” they explain. “This is a backdoor that connects back to the attacker, who is waiting at IP addresses 59.7.56.50 and 59.19.181.130.”

Continued here.

4 comments for “Increase in Attacks Against Military Contractors

  1. July 20, 2011 at 10:55 am

    # Increase in Attacks Against Military Contractors http://bit.ly/nE4BiD

  2. July 20, 2011 at 12:12 pm

    Increase in Attacks Against Military Contractors: If you haven’t noticed, there have been a lot of attacks against… http://dlvr.it/bvzHT

  3. July 20, 2011 at 1:12 pm

    Increase in Attacks Against #Military_Contractors: [nova#infosecportal.com] If you haven t noticed, there have been… http://cybr.tk/bwJTn

  4. July 20, 2011 at 2:08 pm

    #NOVABLOGGER: Increase in Attacks Against Military Contractors http://bit.ly/ps1lY3 http://j.mp/nispblog

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.