Spoofed eCard from the Whitehouse stole government data

Government workers and contractors must have dropped their guard in anticipation of the upcoming holiday season when a spoofed eCard made its way around. On December 23rd, an eCard that spoofed a Whitehouse.gov email address was sent to a few government employees and contractors. The spoofed eCard contained a piece of malware that was able to steal 2 gigabytes of sensitive PDF, Word and Excel documents from the targets.

Inside the eCard there was a nice message stating: 

"As you and your families gather to celebrate the holidays, we wanted to take a moment to send you our greetings. Be sure that we're profoundly grateful for your dedication to duty and wish you inspiration and success in fulfillment of our core mission."

But the nice message wasn't all that was packed in there. When opened, the eCard also deployed a variant of the Zeus banking Trojan. The variant was designed to steal documents rather than usernames and passwords, as the original Zeus Trojan would do.

According to Network World, security expert Brian Krebs was able to identify some of the government entities that fell victim to the spoofed eCard. Some of the victims included an intelligence analyst with the Massachusetts State Police, an employee at the National Science Foundation's Office of Cyber Infrastructure and an employee of the Financial Action Task Force.


10 Comments


Surely in any place that computers may have access to sensitive data they should all be fixed onto plain text only mails, no attachments etc. unless from a trusted source (whitelist).

Can just imagine walking through government offices to see staff opening flash based and think to myself, are you F@#'#'@ serious!?

Not to dismiss that we all have friends and receiving cards is nice, but leave that to your personal email which isn't connected to anything sensitive!

Well, since 2005 it's been advised to Not open eCards. Even if it looks like it's from someone you know. Someone should send the gov't the memo that no eCard should be allowed into their inboxes. Easier said than done I'm sure but they have to have a way to filter e-cards in a global ruleset. I mean if they can create cameras that can beam 65 images a second from a spyplane I think they have the braintrust there to make a global rule change in their e-mail filters.

schwit said,

Whoever is responsible for email security and allowed these emails to get through should be fired.

Assuming they have decent spam protection systems, unless you want the person responsible for email security to open each and every email before it reaches its recipient, there is no way this could have been prevented.
Some of the victims included an intelligence analyst with the Massachusetts State Police

This is one of the persons who should be fired, if any were to be fired at all.

Lol... this is really sad. They should pipe up their security, rather than criminalize those who steal their infoz.