Sophos Cloud OptixSit down at your computer, relax, check your email…. open the attached Powerpoint presentation, casually read through the article contained within… don’t worry… take your time… because you’re already infected.
Researchers at SophosLabs have provided detection for W32/Mofei-V . A network based worm with backdoor functionality. W32/Mofei-V has been spammed out contained within a specially crafted Microsoft Powerpoint presentation containing an article from an Australian newspaper regarding the Dalai Lama.
While the reader is being enlightened, the Powerpoint file will drop and run the worm without the user’s knowledge.
Once infected the worm will install itself as a service, inject itself into other processes, spread to other network shares and open a backdoor providing a remote attacker with a selection of commands to execute on the victims computer.
This is a reminder to the reader that malware writers will go out of their way to gain access and control of your computer, so users should always remain vigilant against social engineering attacks.