Browse archive

Latest news

CISOs need to engage with the board

Wi-Fi client security weaknesses still prevalent

Find TrueCrypt and BitLocker encrypted containers and images

Sourcefire goes beyond the sandbox

The CSO perspective on healthcare security and compliance

Jailed hacker designs device to thwart ATM card skimming

U.S. Congress has questions about Google Glass and privacy

Cyber espionage campaign uses professionally-made malware

Form-grabbing rootkit sold on underground forums

Large cyber espionage emanating from India

Over 45% of IT pros snitch on their colleagues

Thoughts on the need for anonymity

IT security jobs: What's in demand and how to meet it

Hacking charge stations for electric cars

"Dalai Lama's birthday plan" email leads to backdoor

Posted on 06.07.2012

Today marks the current Dalai Lama's 77th birthday - an occasion that served as a perfect ploy to make his supporters unknowingly install a backdoor on their systems.

Starting on July 3, Kaspersky Lab researchers have begun intercepting targeted emails with “Dalai Lama’s birthday on July 6 to be low-key affair” in the subject line:

The email also carries a .doc file with the same name.

Unfortunately, the file in question is boobytrapped and, once run, it exploits a vulnerability in Windows Common Controls, which opens the door for the backdoor Midhos Trojan to be dropped and installed onto the system.

The backdoor then tries to contact a C&C server located on the same IP address that previously spotted attacks targeting Mac users have used, and get its instructions from there.

In the meantime, the victims are presented with an article detailing the aforementioned low-key plans so that they would not suspect something was amiss.