A stealthier version of Trojanized Microsoft Word documents is recently being sent as attachments to spammed email messages. Seen as another targeted attack, these malicious Word documents seem to be riding on the popularity of the upcoming Olympics in Beijing, China. The attachments have the file name Pasadena.doc.
Trend Micro Research Project Manager Ivan Macalintal compares this recent targeted attack to others before it, and comes up with several conclusions that would worry Internet users. First, he says that coverage of the attack has been relatively low, even by vendors with good Office heuristics. The malicious documents, he adds, has an embedded rootkit, albeit network-only; also, the control channels are obfuscated.
Macalintal believes that these attacks could be part of a bigger targeted malware attack related to the Beijing Olympics. Several news articles reported of protest actions after the Rose Parade in Pasadena featured a float with the China Olympics as theme. The reasons are political and may also concern international relations with the Chinese government.
China, interestingly, also was the subject of another infamous attack using similar Trojanized Word documents last January. Besides the Olympics, this former targeted attack also made references to the ongoing debate regarding Tibet.