Thursday, 27 August 2009

Malware via Snail Mail

Source: National Credit Union Administration

The (American) National Credit Union Administration has released a warning that one of its members was sent fraudulent "training materials" on CD, laced with malware. The attack is notable for the fact that it is both highly targeted and uses low tech methods in an attempt to bypass network security.

1 comment:

The Famous Brett Watson said...

An update announces that this was part of a penetration test, not an actual attack, but the forgery of NCUA documents was not condoned by the NCUA. If anything, this highlights the difficulty of conducting a realistic penetration test without breaking the law -- which comes as no surprise, given that lawbreaking is the normal modus operandi of the bad guys.