Browse archive

Latest news

Microsoft to pay up to 150k for vulnerabilities

(IN)SECURE Magazine issue 38 released

Collected data helped foil 50 terrorist plots, says NSA chief

65+ websites compromised to deliver malvertising

Customized spam uses cell phone users’ data against them

Facebook once again accessible via Tor

Oracle releases critical security updates for Java

Employees biggest IT threat to businesses

Google asks secret court permission to publish FISA numbers

Failed backups endanger revenue and productivity

How to detect hidden administrator apps on Android

CyanogenMod founder aims to thwart data-grabbing apps

Hacking charge stations for electric cars

"Dalai Lama's birthday plan" email leads to backdoor

Posted on 06.07.2012

Today marks the current Dalai Lama's 77th birthday - an occasion that served as a perfect ploy to make his supporters unknowingly install a backdoor on their systems.

Starting on July 3, Kaspersky Lab researchers have begun intercepting targeted emails with “Dalai Lama’s birthday on July 6 to be low-key affair” in the subject line:

The email also carries a .doc file with the same name.

Unfortunately, the file in question is boobytrapped and, once run, it exploits a vulnerability in Windows Common Controls, which opens the door for the backdoor Midhos Trojan to be dropped and installed onto the system.

The backdoor then tries to contact a C&C server located on the same IP address that previously spotted attacks targeting Mac users have used, and get its instructions from there.

In the meantime, the victims are presented with an article detailing the aforementioned low-key plans so that they would not suspect something was amiss.