New Malware Variant Uses Google Docs As a Proxy To Phone Home 85
An anonymous reader writes "Windows 8 may block most malware out of the box, but there is still malware out there that thwarts Microsoft's latest and greatest. A new Trojan variant, detected as Backdoor.Makadocs and spread via RTF and Microsoft Word document marked as Trojan.Dropper, has been discovered that not only adds a clause to target Windows 8 and Windows Server 2012, but also uses Google Docs as a proxy server to phone home to its Command & Control (C&C) server."
John Gilmore (Score:5, Interesting)
Re:Yep. (Score:5, Interesting)
Even when Microsoft makes something bulletproof, these tech assholes have to blame a Google problem on Microsoft.
No.
It uses a vulnerability in RTF and Word documents to get into the system.
It only uses Google Docs as a fancy way to phone home.
Re:Yep. (Score:4, Interesting)
But spreading via RTF and Word documents? That means this trojan only takes control through a vulnerability (or multiple ones?) in RTF and Word document handling. That would definitely be a Windows 8 problem.
No, its definitely not a windows 8 problem. Its clearly a problem with the software reading RTF and Word documents. Last I checked, user accounts on all OS's, including Windows, Linux, OS/X, and BSD, could open up a socket and start hitting the network with whatever rights the user has.
The only place where it is acceptable to not allow networking by default is the land of mobile devices, and only some of them are actually like that.
Re:Brilliant (Score:4, Interesting)
Because of all the downtime on Google docs, the communication with the C&C server is intermittent and therefore difficult to pinpoint by law enforcement. Security by instability.
FYI, if you'd like to know how often Google docs (or any other Google Apps service) is unavailable, Google provides an on-line status dashboard [google.com] with both current and historical information going back two months.
Googling for overall uptime stats shows that in 2010, Apps achieved 99.984% uptime and in 2011 99.9949% uptime, even after changing the methodology to count all downtimes, not just those lasting more than 10 minutes.