Your new post is loading...
FireEye spots crooks using old tricks to avoid detection
A cyber attack that uses Google Docs to avoid detection in order to steal information has been spotted in the wild.
Security firm FireEye reported uncovering the campaign, warning that the crooks are using advanced malware to mount a targeted spear phishing campaign designed to steal corporate and personal data from a variety of victims.
FireEye researcher Chong Rong Hwa wrote: "The FireEye research team has recently identified a number of spear phishing activities targeting Asia and ASEAN [Association of Southeast Asian Nations]. Of these, one of the spear phishing documents was suspected to have used a potentially stolen document as a decoy.
"This malware was found to have used a number of advanced techniques, which makes it interesting. The malware leverages Google Docs to perform redirection to evade callback detection."
"This malware was found to have used a number of advanced techniques, which makes it interesting. The malware leverages Google Docs to perform redirection to evade callback detection."
Interesting read. Looks like FireEye's sandboxing techniques paid off in this regard.