A new malware targeting governments in Asia and Europe has recently been discovered by Trend Micro.
Called EvilGrab, the malware is found to be the object of the new anti-APT (advanced persistent threat) campaign that targets security software and uses a system’s audio and visual components to seize information after monitoring the data.
Trend Micro said EvilGrab is usually launched via spear-phishing emails, which presents opportunities for malicious attachments to penetrate vulnerabilities and insert malicious codes.
Most often, the insertions occur on file types commonly used by employees at work. These include Microsoft Excel, spreadsheets, Word documents, and PDFs.
Trend Micro said that the goal of these malware is to steal valuable intellectual property, money, and other Personally Identifiable Information (PII) through a stealth technique known as “one-on-one”.
Both small and large organisations have all the reasons to be concerned about APTs. But the EvilGrab malware specifically targets governments, with prevalence greatest in China (36 percent) and Japan (18 percent).
Trend Micro further warned that the customised nature of APTs has resulted in “high rate of success and have resulted in extensive cost to organisations.”
Trend Micro’s 2013 Q2 Security Roundup stated that targeted attacks remained a problem for organisations. The report noted the recent high-profile South Korean and Associated Press (AP) attacks.
In response to APT, Trend Micro is offering a portfolio of Custom Defence Services, including Trend Micro Deep Discovery solution that detects, analyses, adapts and responses to targeted attacks.
Sign up for Computerworld eNewsletters.