by Caleb Johnson
Over the holidays, several government employees and contractors received a Christmas e-card that purported to be from The White House, but actually contained document-swiping malware. According to Krebs on Security, when a recipient opened the file, or clicked on either of the included links, a trojan stole PDF, Word and Excel documents, and then uploaded them to a server in Belarus. Blogger Brian Krebs reports that about two gigabytes of government documents were taken in this phishing attack. According to NetWitness, this attack was carried out by a variant of the ZeuS botnet that hijacked 74,000 PCs last February. Krebs was able to identify several of this latest attack's victims, including an intelligence analyst with the Massachusetts State Police, an employee at the National Science Foundation's Office of Cyber Infrastructure, and an employee of the Financial Action Task Force. In other words, it wasn't just gift-shop clerks who were duped by the e-card.
It's troublesome that government employees and contractors could fall prey to such a simple scam. What's more troublesome is that the government seems to be in no hurry to shore up the obvious holes in its cyber-security. Meanwhile. spammers and hackers took a trojan typically used for financial fraud, and used it to steal sensitive government information. We aren't saying the sky is falling, but news of another attack on government computers doesn't exactly breed confidence.