It appears you have not yet registered with our community. To register please click here...

 
Go Back [M] > Madshrimps > WebNews
New worm steals Autocad files New worm steals Autocad files
FAQ Members List Calendar Search Today's Posts Mark Forums Read


New worm steals Autocad files
Reply
 
Thread Tools
Old 27th June 2012, 08:47   #1
[M] Reviewer
 
Stefan Mileschin's Avatar
 
Join Date: May 2010
Location: Romania
Posts: 148,055
Stefan Mileschin Freshly Registered
Default New worm steals Autocad files

Insecurity experts have found a worm which is designed to steal blueprints, design documents and other files created with the AutoCAD.

Righard Zwienenberg of Eset dubbed the worm, ACAD/Medre.A and has spotted it preading through infected AutoCAD templates.

Talking to Wired, he said that the blueprints are being mailed to email addresses in China.

Zwienenberg said that the worm's infection rates are dropping at this point and it did not seem to be part of a targeted attack upon a company.

It first appeared six months ago and seemed to be jolly interested in machines in Peru, perhaps looking for the mythical home for retired bear's long lost marmalade factory.

ACAD/Medre.A was written in AutoLISP, a specialized version of the LISP scripting language that's used in AutoCAD.

The attackers used specific URLs to spread the infected template to targets.

Zwienenberg said that the attack vector was to hit the company and all those who did business with it. So the malware would mostly show up in Peru and neighbouring countries.

The worm modifies the startup file for AutoLISP and then goes through some configuration routines.

ACAD/Medre.A begins sending the different AutoCAD drawings that are opened by e-mail to a recipient with an e-mail account at the Chinese 163.com internet provider.

It will use 22 accounts at 163.com and 21 accounts at qq.com, another Chinese internet provider.

It accesses smtp.163.com and smtp.qq.com with the different account credentials. Zwienenberg wrote that you should never allow port 25 to do anything other than contact your ISP and this should be blocked.

Kaspersky Labs said the software was an uncontrolled attack and it was hard to say who the target is, and it doesn't seem to be government sponsored. Victims also appear to have happened worldwide.

http://news.techeye.net/security/new...-autocad-files
Stefan Mileschin is offline   Reply With Quote
Reply


Similar Threads
Thread Thread Starter Forum Replies Last Post
Final Cut Pro, Photoshop, Aperture, AutoCAD and more score Retina Display support Stefan Mileschin WebNews 0 12th June 2012 07:48
LinkedIn hacker steals 1.5m passwords from dating site eHarmony Stefan Mileschin WebNews 0 8th June 2012 07:49
Man Steals NY Federal Reserve Bank Source Code Stefan Mileschin WebNews 0 20th January 2012 09:43
Very slow opening Excel files? Speed Up Excel 2007 Opening Files from Network jmke WebNews 0 13th February 2009 16:10
Vista's so bad no one steals it jmke WebNews 19 12th June 2008 15:31
Nvidia steals ATI's mobile thunder jmke WebNews 0 18th December 2006 19:08
Google kills Santy worm jmke WebNews 0 22nd December 2004 10:19
worm virus !!! Gamer Hardware/Software Problems, Bugs 14 13th August 2003 20:36
AutoCad 14 probleem DyNaRaX Hardware/Software Problems, Bugs 2 2nd April 2003 11:12

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


All times are GMT +1. The time now is 01:10.


Powered by vBulletin® - Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO