Beware If You Receive an Invitation to Attend the Olympic Games in Beijing

Malware cashing in on the Olympics fan-following may affect MS Word, MS PowerPoint and MS Excel applications on your computer, which could allow remote attackers to take complete control of an affected system, or cause the application to crash, warns Trend Micro

New Delhi, August 18, 2008: While China hosts the 2008 Summer Olympics in the capital of Beijing from August 8 to August 24, 2008, malware authors are busy mounting attacks that play on this quadrennial sporting event, warns Trend Micro, India’s #1 security solutions company.

Reports have surfaced about a zero-day MS Word vulnerability affecting Microsoft Word 2000, 2002, and 2003. It is said to affect even patched versions of the popular word-processing application on certain MS Office versions. Says Niraj Kaushik, Country Manager – India & SAARC, Trend Micro, “When exploited, the unspecified remote code-execution vulnerability could allow remote attackers to take complete control of an affected system, or cause the application to crash.”

Experts at Trend Micro’s TrendLabs have confirmed that there are malicious .DOC files spreading in the wild. They have also observed that these malicious files use the hugely popular Olympics to get more users to click on them. The samples that TrendLabs has come across are detected as TROJ_MDROPPER.ZT. These files are zero-day exploits under vulnerability summary CVE-2008-2244 under the Common Vulnerabilities & Exposures (CVE) List of the National Cyber Security Division of the US Department of Homeland Security.

Warns Mr. Kaushik, “Among others, if you receive any email that has an attachment file named attachment .doc, appeal_letter_of_fttj.doc, attend_the_opening_ceremony_of_the_29th_olympic_games_in_beijing.doc, five_resolutions.doc, or lingotto_con_fiat.doc, be warned that opening it may make your computer vulnerable to attack. Besides TrendLabs has also reported Trojan samples of .XLS and .PPT circulating, all drawing correlation to the ongoing Olympics and the Tibet conflict. The conflict relates to the Olympics as it has spurred pro-Tibetan parties to call for an Olympic boycott.” Trend Micro detects the malicious Excel file as TROJ_MDROPPER.ZY, and the PowerPoint file as TROJ_PPDROP.M. Unlike the Word file malware, these Excel and PowerPoint files are not confirmed to have zero-day vulnerabilities as yet.

Unless the users are aware of this threat vulnerability, the impact may be enormous, suggests Mr. Kaushik, “The Olympics event having such a big fan-following, the potential of people unknowingly getting lured into opening such Trojanized files is huge. With 10, 708 athletes competing in 28 sports for 302 gold medals, the Olympics is the most prestigious affair of its kind, and as such commands a worldwide audience. It is thus expected that it will be included in malicious users’ arsenal of social engineering techniques.”

However, the threat by this Olympics malware can be contained, assures Mr. Kaushik, “Trend Micro Smart Protection Network has already got Trend Micro customers covered by blocking this threat. We urge Non-Trend Micro to beware of this particular attack and to use appropriate protection.”

NOTE TO EDITORS:

· More details on these malware may be found at the Trend Micro website:

Trojanized Word file – TROJ_MDROPPER.ZT

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ%5FMDROPPER%2EZT

Trojanized Excel file – TROJ_MDROPPER.ZY

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ%5FMDROPPER%2EZY

Trojanized PowerPoint file – TROJ_MDROPPER.M

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_PPDROP.M

· The Microsoft Security Advisory [Microsoft Security Advisory (953635) - Vulnerability in Microsoft Word Could Allow Remote Code Execution] may be viewed at:

http://www.microsoft.com/technet/security/advisory/953635.mspx

Media Contacts :

Trend Micro

Connie Kou, Regional PR & Marcom Manager, APAC,

E-mail : connie_kou {at} trend.com(.)tw

Tel: +886-2-2378 9666 ext. 1629

About Trend Micro:

Trend Micro Incorporated, a global leader in Internet content security, focuses on securing the exchange of digital information for businesses and consumers. A pioneer and industry vanguard, Trend Micro is advancing integrated threat management technology to protect operational continuity, personal information, and property from malware, spam, data leaks and the newest Web threats. Visit TrendWatch at www.trendmicro.com/go/trendwatch to learn more about the threats. Trend Micro’s flexible solutions, available in multiple form factors, are supported 24/7 by threat intelligence experts around the globe. A transnational company, with headquarters in Tokyo, Trend Micro’s trusted security solutions are sold through its business partners worldwide. Please visit http://apac.trendmicro.com

Copyright© 2008 Trend Micro Incorporated. All rights reserved. Trend Micro, the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro, Incorporated. All other product or company names may be trademarks or registered trademarks of their owners.

Puneet Khunger
R&PM:Edelman
318, Naurang House, K.G.Marg,
New Delhi- 110 001, India
Tel: +91 (11) 2332 0116 Extn. 15

Fax: +91 (11) 2332 0062

Mobile: +91 9717022726

Email: puneet.khunger {at} edelman(.)com