ZDNet reports that several hundred CXOs are receiving a new kind of email attack. Messages containin Word documents that include an executable file. If the recipient clicks on the file, it runs a zero-day exploit on the victim’s computer.
According to MessageLabs, the recipients tend to be CXOs as follows:
- 30% chief investment officers
- 11% chief executive officers
- 6% chief financial officers
The targets are technically inexperienced victims whose computers may hold interesting personal or corporate data. Attackers find the victims names through search engines and social networking sites. I’m guessing that LinkedIn is one of these sites.
Pingback: Vicrypt malware holds hard drives for ransom