PowerPoint 0-Day Points to Corporate Espionage

Rakesgate writes "A second Trojan used in the latest zero-day attack against Microsoft Office contains characteristics that pinpoint corporate espionage as the main motive, according to virus hunters tracking the threat. This eWeek story walks through the attack, which uses a tainted 18-slide PowerPoint file, a Trojan dropper, 2 Trojans and a server in China that is used to communicate with compromised machines." From the article: "'Once this type of attack is out, it's very unusual for it to be limited to just one company. I think it's safe to assume that it's ongoing, especially since there is no patch for this vulnerability,' Huger added. Microsoft plans to issue a patch on August 8 for users of Microsoft PowerPoint 2000, Microsoft PowerPoint 2002 and Microsoft PowerPoint 2003. In the meantime, anti-virus experts are urging Microsoft Office users to be on the lookout for suspicious attachments, even those that appear to come from colleagues internally."

Corporate Espionage

[panaceaa]

Is corporate espionage actually valuable? I'm currently working at Adobe, and development plans are pretty widely discussed amongst employees. If something were to leak, I'm not sure what the value of it would be. The only real data points that are heavily protected are financial results and projections, and the product release dates that those rely on. But I'm pretty sure those are only protected for Wall Street purposes.

What kind of data do corporate spies hope to obtain? Would that data be actionable -- e.g, could a company come up with a competing product and be first to market if another company's already half way there?