|27th June 2012, 08:47||#1|
New worm steals Autocad files
Insecurity experts have found a worm which is designed to steal blueprints, design documents and other files created with AutoCAD.
Righard Zwienenberg of Eset dubbed the worm ACAD/Medre.A and has spotted it spreading through infected AutoCAD templates.
Talking to Wired, he said that the blueprints are being mailed to email addresses in China.
Zwienenberg said that the worm's infection rates are dropping at this point and it did not seem to be part of a targeted attack upon a company.
It first appeared six months ago and seemed to be jolly interested in machines in Peru, perhaps looking for the mythical home for retired bear's long lost marmalade factory.
ACAD/Medre.A was written in AutoLISP, a specialized version of the LISP scripting language that's used in AutoCAD.
The attackers used specific URLs to spread the infected template to targets.
Zwienenberg said that the attack vector was to hit the company and all those who did business with it. So the malware would mostly show up in Peru and neighbouring countries.
The worm modifies the startup file for AutoLISP and then goes through some configuration routines.
ACAD/Medre.A begins sending the different AutoCAD drawings that are opened by e-mail to a recipient with an e-mail account at the Chinese 163.com internet provider.
It will use 22 accounts at 163.com and 21 accounts at qq.com, another Chinese internet provider.
It accesses smtp.163.com and smtp.qq.com with the different account credentials. Zwienenberg wrote that you should never allow port 25 to do anything other than contact your ISP and this should be blocked.
Kaspersky Labs said the software was an uncontrolled attack and it was hard to say who the target is, and it doesn't seem to be government sponsored. Victims also appear to have happened worldwide.
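The port 25 advice quoted above can be checked against egress logs. The following is an added example, not part of the original post or of Eset's analysis: it flags workstations that spoke SMTP directly to anything other than the approved relay. The log format, the relay name `mail.isp.example` and the sample lines are constructed assumptions; the two mail hosts are the ones named in the article.

```python
from collections import defaultdict

# Assumption: the one mail relay workstations may reach (placeholder name).
ALLOWED_RELAYS = {"mail.isp.example"}
# Mail hosts the article says the worm logs in to.
ARTICLE_HOSTS = {"smtp.163.com", "smtp.qq.com"}

# Constructed sample log, format: time src_ip dst_host dst_port action
SAMPLE_LOG = """\
2012-06-27T08:01:12 10.0.4.17 mail.isp.example 25 ALLOW
2012-06-27T08:03:40 10.0.4.23 smtp.163.com 25 ALLOW
2012-06-27T08:03:55 10.0.4.23 SMTP.QQ.COM. 25 ALLOW
2012-06-27T08:04:02 10.0.4.31 www.example.org 80 ALLOW
2012-06-27T08:05:19 10.0.4.40 smtp.163.com 25 DENY
garbled line without enough fields
"""

def normalise(host):
    """Lower-case and drop a trailing dot so FQDN variants compare equal."""
    return host.strip().lower().rstrip(".")

def smtp_egress_report(log_text, allowed=ALLOWED_RELAYS, port=25):
    """Return {src_ip: [(time, dst_host, action, named_in_article), ...]}
    for every port-25 connection to a host outside the allowlist."""
    allowed = {normalise(h) for h in allowed}
    report = defaultdict(list)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or not fields[3].isdigit():
            continue  # skip malformed entries instead of crashing
        when, src, dst, dst_port, action = fields
        dst = normalise(dst)
        if int(dst_port) != port or dst in allowed:
            continue
        report[src].append((when, dst, action.upper(), dst in ARTICLE_HOSTS))
    return dict(report)

def hosts_to_investigate(report):
    """Sources whose direct SMTP was ALLOWED: data may have left the network."""
    return sorted(src for src, hits in report.items()
                  if any(action == "ALLOW" for _, _, action, _ in hits))

if __name__ == "__main__":
    rep = smtp_egress_report(SAMPLE_LOG)
    for src, hits in rep.items():
        for when, dst, action, named in hits:
            print(src, when, dst, action, "article-host" if named else "")
    print("investigate:", hosts_to_investigate(rep))
```

A source that appears only with DENY entries was stopped by the egress rule but is still attempting direct SMTP, so it is worth a look as well.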