Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spoofed White House Card Dupes Many Gov't Employees, Steals Data

Posted by timothy on from the you-may-have-already-won dept.

tsu doh nimh writes "A run-of-the-mill malware-laced e-mail that spoofed seasons greetings from The White House siphoned gigabytes of sensitive documents from dozens of victims over the holidays, including a number of government employees and contractors who work on cybersecurity matters, writes krebsonsecurity.com. The story looks at several victims who fell for the attack, and suggests it may be related to a series of similar document-harvesting runs throughout 2010. Government security vendor NetWitness notes that these types of incidents are blurring the lines between online financial fraud and espionage attacks."

2 of 173 comments (clear)

  1. Re:pack.exe as Perl/ZeuS Trojan? by betterunixthanunix · · Score: 4, Informative

    Most GNU/Linux systems (and I assume but cannot really say for sure about Mac OS X) will not just execute an arbitrary file that you download. Generally you have to at least set execute permissions on the file to get it to run, or feed it to its interpreter on its own (if it is a script). Additionally, for a secure desktop, one would generally set "noexec" on the home directories partition, so that users cannot just execute random code.

    Really though, this is all superficial by comparison with multilevel security systems, which for someone with top secret clearance seems like an obvious measure. MLS policies should forbid a program that you download from some random website from even opening a file that is "Top Secret," let alone sending a copy to some other system. A lot of research went into such systems, which are designed around the assumption that the threats are internal (e.g. a malicious program that is already running on the system) and that the goal is to prevent leaks (as opposed to the more common goal of restricting unauthorized access).

    --
    Palm trees and 8
  2. Re:Belarus by Max_W · · Score: 3, Informative

    In the article it is written that files were sent to a server in Belarus. My point is that it is not like they were sent to the Mars.

    And if there were a good working relationship between criminal police in D.C. and in Minsk, this could be easily solved or even prevented.