Government workers and contractors must have dropped their guard in anticipation of the the upcoming holiday season when a spoofed eCard made its way around. On December 23rd an eCard was sent to a few government employees and contractors that spoofed a Whitehouse.gov email address. The spoofed eCard contained a piece of malware that was able to steal 2 gigabytes of sensitive PDF, Word and Excel documents from the targets.
Inside the eCard there was a nice message stating:
"As you and your families gather to celebrate the holidays, we wanted to take a moment to send you our greetings. Be sure that were profoundly grateful for your dedication to duty and wish you inspiration and success in fulfillment of our core mission."
But the nice message wasnt all that was packed in there, when opened the eCard also deployed a variant of the Zeus banking Trojan. The variant was designed to steal documents rather than steal usernames and passwords like the original Zeus Trojan would do.
According to Network World, security expert Brian Krebs was able to identify some of the government entities that fell victim to the spoofed eCard. Some of the victims included an intelligence analyst with the Massachusetts State Police, an employee at the National Science Foundations Office of Cyber Infrastructure and an employee of the Financial Action Task Force.