[All_jlau] JLab Cybersecurity Notice: Malware delivered by U.S. Mail

[Kandice Carter]

Sent on behalf of the IT Division

A report of a tried and true phishing attack - use of the U.S. mail to deliver an infected CD, DVD or USB - has been forwarded by a cyber analyst at another DOE lab. While no specific information is available at this time, the general attack concept is clear.

The physical package claimed to contain information about security issues that would be explained when the enclosed software was executed on the recipient's computer. If run, the software would install malware that would take a screenshot every few seconds and forward it to a remote site.

The same kind of poisoned media have been discovered at various computer conferences over the past year. There is no reason to think that scientific conferences are immune to similar threats. In addition, the U.S. mail is used for very specific individual attacks, i.e. spear phishing. Such an attack would use a newly crafted code that anti-virus programs would not be likely to detect.

Be wary of any unsolicited physical media, even media that appear to originate from a known vendor, a DOE office, or another lab. To have such media checked for malicious code before use, contact the IT Division HelpDesk at helpdesk at jlab.org or x7155, or contact IT division cybersecurity staff at security at jlab.org.






-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://mailman.jlab.org/pipermail/all_jlau/attachments/20120612/1cbd45c6/attachment.html