http://www.nextgov.com/cybersecurity/2013/09/are-your-g20-briefings-laced-spyware/69888/
By Aliya Sternstein
Nextgov.com
September 4, 2013
Infected emails seemingly bearing feedback on UK government draft G20
briefings -- that actually steal data -- are targeting government
officials and economic development leaders ahead of this week's global
summit in Russia, researchers say. Spearphishing campaigns that coincide
with the G20 are common, but this time researchers are questioning whether
the documents might truly be genuine.
According to cybersecurity firm Symantec, a brief message in the body of
the email thanks the recipient for circulating a series of "building
block" documents on various global issues and new UK feedback on the
documents.
"What is interesting about these documents is that each of them has track
changes enabled and contains the reported comments from the UK called out
in the original email," Symantec researcher Satnam Narang writes in a blog
post. "At this time, we cannot verify the authenticity of these documents,
but from our observation, modifications were made to them earlier this
month, which states that they were last modified by a user named 'UK
Government."
The five files are labeled "UKcomments," "UK-Building Block_DEVELOPMENT,"
"UK-Building Block_EMPLOYMENT," "UK-Building Block_ANTICORRUPTION" and
"UK-Building Block_TRADE.
[...]
--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/
