FireEye, a network security firm based in Milpitas, California, recently issued a report detailing how malevolent hackers are using Google Docs and PowerShell to transmit a Trojan virus referred to as “Laziok”. Anyone who owns or manages a business should be aware of this Trojan attack. Even those who use personal computers at home for non-business purposes are vulnerable to the attack as well.
About the Laziok Trojan Attack
The Laziok Trojan was first identified a year ago when employed in a multi-tiered attack against energy companies across the Middle East. The virus was actually pinpointed on a Polish hosting service website used by those energy businesses. Laziok is best described as a combination of a program that steals information and a reconnaissance tool. The malware was employed through a threat group’s exploitation of an antiquated Windows weakness tracked with the label of “CVE-2012-0158”. This vulnerability implements the Trojan directly onto users’ computers.
Google Docs and Laziok
The FireEye report indicates that hackers apparently devised a highly creative method of bypassing Google’s stringent security checks. The hackers then uploaded the Laziok Trojan to Google Docs. The malware was originally uploaded last March and remained in place until FireEye made Google aware of its presence. Google regularly scans and blocks potentially harmful content on Google Docs to prevent such malware from harming its customers’ computing devices. It was widely assumed that Google Docs users would not be able to download malicious files from the popular file sharing / editing service until Laziok hit. It is clear that the malware found a way to slide in past Google’s extensive security scans. Thankfully, the malicious file has been successfully removed by Google so that users can no longer fetch it.
How the Laziok Trojan Attack Occurs
IT Assistance for Small to Medium Sized Businesses
QualityIP is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks, and news. Contact us at (330) 931-4141 or send us an email at [email protected] for more information.