Report: Taiwanese gang continues exploits

A Taiwanese criminal gang continues to launch attacks as Microsoft Word becomes the most common exploit vector, latest figures by MessageLabs show.

The study found that Microsoft Word has become an increasingly attractive target for hackers. Such attacks soared from just four attacks in March to 66 attacks going to 273 recipients in April. According to Alex Shipp, senior anti-virus technologist at MessageLabs, using Word documents is a powerful way to launch these attacks, because they are a popular tool, used by a huge number of people in an uncomplicated format.

The research also reveals that the email security company intercepted 595 messages in 249 separate targeted attacks aimed at 192 different organisations. Of these, 180 were one-on-one targeted attacks. These figures represent a drop compared to March largely due to a decrease in attacks by the Taiwanese gang, MessageLabs claim.

PowerPoint attacks also slumped in April; however the same Asian ring made assaults using the CVE-2006-0022 exploit. Furthermore, an additional attack using the same PowerPoint exploit, but originating from an IP address in China hints that another cyber gang is in operation, according to Shipp.

“This month we saw a significant surge in documents using the CVE-2006-2492 exploit,” he said. “On first sight, it appears that more than one hacker ring is using this Microsoft Word exploit, and so an exploit generator kit might exist, although this has not yet been found.”

Sign up to our newsletters