AOL Tech

Fake White House Christmas E-Card Swipes Government Documents

Over the holidays, several government employees and contractors received a Christmas e-card that purported to be from The White House, but actually contained document-swiping malware. According to Krebs on Security, when a recipient opened the file, or clicked on either of the included links, a trojan stole PDF, Word and Excel documents, and then uploaded them to a server in Belarus. Blogger Brian Krebs reports that about two gigabytes of government documents were taken in this phishing attack. According to NetWitness, this attack was carried out by a variant of the ZeuS botnet that hijacked 74,000 PCs last February. Krebs was able to identify several of this latest attack's victims, including an intelligence analyst with the Massachusetts State Police, an employee at the National Science Foundation's Office of Cyber Infrastructure, and an employee of the Financial Action Task Force. In other words, it wasn't just gift-shop clerks who were duped by the e-card.

The e-card, which featured a festive Christmas tree over a red background, read as follows: "As you and your families gather to celebrate the holidays, we wanted to take a moment to send you our greetings. Be sure that we're profoundly grateful for your dedication to duty and wish you inspiration and success in fulfillment of our core mission." Recipients could click one of two links embedded within the e-card. These malicious links began a download of a ZIP file, which contained the ZeuS malware that was responsible for swiping the sensitive documents.

Previously, ZeuS trojans have been widely used to steal online banking credentials, information and passwords, as in last February's hijacking of about 74,000 PCs. Don Jackson, director of threat intelligence for SecureWorks, told MSNBC that it's possible the malware used in both attacks was created by the same group. Whereas last February's attack was large-scale and encompassed thousands of computers, the Christmas e-card scam was probably carried out manually by a few individuals, since it targeted such a small group. Jackson also thinks the scale of this attack is why the e-card was able to slip through the government's porous cybersecurity traps and sensors.

It's troublesome that government employees and contractors could fall prey to such a simple scam. What's more troublesome is that the government seems to be in no hurry to shore up the obvious holes in its cyber-security. Meanwhile, spammers and hackers took a trojan typically used for financial fraud, and used it to steal sensitive government information. We aren't saying the sky is falling, but news of another attack on government computers doesn't exactly breed confidence.
