Microsoft's latest version of Windows has been a divisive subject among computer users, but malware is bad, and we all know that. Malware on Google Docs is unusual, but a variant has been found that considers whether a user is running Windows 8 or Windows Server 2012 on his or her machine.
The malware gives and receives commands from another server, allowing an element of control over a computer without consent. What makes it interesting is that this malware pre-dates Windows 8, so it must have been updated to identify these newer builds of Microsoft's OS.
The virus doesn't just ping directly to a server for commands, but uses Google Docs as its proxy to the server, covering the developer's tracks. It takes advantage of functionality in GDocs by breaking terms of use, but when did that stop a virus creator before?
The document comes in the form of a .rtf or .doc file, relying on people clicking a link based on their interests. With how it works, the current theory is that it focuses on users in Brazil especially.
The bottom line is that you absolutely do not click a link unless you know what it is for. Basic solutions for internet problems, but if you're ever unsure, check with the sender if you know them. If you don't know them, then be wary.
Source: Symantec
9 Comments - Add comment