Hackers turn to PowerPoint for virus infection

Status
Not open for further replies.

Kiran.dks

Technomancer
Hackers turn to PowerPoint for virus infection
Research found that PowerPoint now hosts 45 percent of attacks

Malware authors have made Microsoft's PowerPoint their vector of choice for infecting corporate systems.

Microsoft Word was the top choice for malware authors last year looking to embed code in seemingly innocuous documents.

But research from MessageLabs suggests that increased patching of Word, and a slack patching other applications, has prompted hackers to target PowerPoint.

"People expect to find PowerPoint in their emails, more so than applications like spreadsheets," said Alex Shipp, senior antivirus technologist at MessageLabs.

"Also it was a relatively untapped area and there were lots of exploits out there as Microsoft wasn't fixing them very quickly. Microsoft is now patching all these exploits that are brought out at a similar rate to Word."

The research found that PowerPoint now hosts 45 per cent of attacks, compared to 35 per cent in Word documents.

The most common targets were public sector systems, followed by the electronics and aviation sectors.

Surprisingly hackers are not attacking financial companies, although this may be because of improved security measures.

"There is not enough data but I think this is because if they try and steal directly from banks too many alarms go off," said Shipp.

"But where public sector institutions are involved there's a market for the data they hold."

Source
[EDITED]
 
OP
Kiran.dks

Kiran.dks

Technomancer
The exploit may be embedded also! It's always better to scan the file and keep your antivirus/antispyware software shield active.
 

sakumar79

Technomancer
Will it work if the ppt file is opened in OpenOffice.org? Or in PPT Viewer? I dont have MS Office in my computer, but use OOo... And also have the viewer for checking ppt files created by OOo...

Arun
 

gauravakaasid

Back to l33ching :)
Kiran_tech_mania said:
The exploit may be embedded also! It's always better to scan the file and keep your antivirus/antispyware software shield active.

can u elaborate on this??? embedded as in?
 
OP
Kiran.dks

Kiran.dks

Technomancer
gauravakaasid said:
can u elaborate on this??? embedded as in?

I am speaking about the embedded tag virus. Some of the virus are tagged to the files as a code. It is ineffective alone as a tag becoz it has no root to run the script unlike in exe files. But an buffer overflow in the application reading the document can activate this tag code and the code gets executed. Some tags are more harmful if the system is online. In absence of a good antivirus scanner, the code could further download a script from malicious site and run the script in the background without user intervention.
Hope its clear now. :)
 
Status
Not open for further replies.
Top Bottom