Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Google Cloud Microsoft Security News

New Malware Variant Uses Google Docs As a Proxy To Phone Home 85

An anonymous reader writes "Windows 8 may block most malware out of the box, but there is still malware out there that thwarts Microsoft's latest and greatest. A new Trojan variant, detected as Backdoor.Makadocs and spread via RTF and Microsoft Word document marked as Trojan.Dropper, has been discovered that not only adds a clause to target Windows 8 and Windows Server 2012, but also uses Google Docs as a proxy server to phone home to its Command & Control (C&C) server."
This discussion has been archived. No new comments can be posted.

New Malware Variant Uses Google Docs As a Proxy To Phone Home

Comments Filter:
  • Re:Yep. (Score:1, Insightful)

    by Anonymous Coward on Sunday November 18, 2012 @03:33AM (#42017537)

    A google problem? Having a public server? Yeah whatever you shill.

    I know it's trendy and hipster to hate on google. but... NOBODY MAKES YOU USE ANY OF THEIR PRODUCTS OR SERVICES. which are free and quite open for stuff put out by a business. How dare they offer stuff people want in a non annoying way for free!

    Unlike ohhhhhhhh... just about any other company out there.

    And since when has ANYTHING made by microsoft been bulletproof? Or even doesn't leak like a screen door... never.

  • by Runaway1956 ( 1322357 ) on Sunday November 18, 2012 @05:21AM (#42017841) Homepage Journal

    Dude, Microsoft gives system access to anything that asks for it. Sometimes, it pauses to ask the guy at the keyboard if he WANTS to give system access to 'allyourfilebelongtous.exe', but the boob at the board invariably clicks "yes".

  • by jonwil ( 467024 ) on Sunday November 18, 2012 @05:51AM (#42017913)

    I would LOVE to meet the idiots that decided that document formats (such as Word, Excel, PDF, RTF etc) need to support full programming languages with system level access.

    Old office formats (Word Perfect, Lotus etc) got by just fine without programmability so why do modern formats need it?

    A special place in hell should be reserved for the person who decided to merge 2 of the least secure mainstream programs known to man and add support for embedding a Flash file into a PDF file.

  • by Anonymous Coward on Sunday November 18, 2012 @09:25AM (#42018447)

    Jonwil does have a point. It would have been useful if users were presented with a simple model of programs that process data. Documents would be inherently safe, programs would be something potentially harmful. Bij embedding programs in documents the distinction is blurred. If the same combination would be presented and treated as a program containing a document the situation would be clearer. A plain document would be associated with a launcher that loads the (let's say) word processing application but not a scripting engine, a program with an embedded document would be associated with a launcher that loads both the word processing application and a scripting engine. The word processor itself has no built-in ability to load the scripting engine. To make the distinction separate mime types and file name extensions are needed.

    This makes it much clearer what you're dealing with if you receive a document, and it makes it much easier to explain to people what to trust and what to distrust and why, and I also like the idea of not loading a scripting engine at all when there should be no scripts to execute.

Man is an animal that makes bargains: no other animal does this-- no dog exchanges bones with another. -- Adam Smith