File format .hlp gaining popularity among hackers

Posted: October 31, 2012 in IT Security News
Tags: , ,

Symantec CorpExperts fix the growth in the number of targeted attacks with using of the Windows Help File  (.hlp).

According to Symantec, an antivirus company experts have recorded the fact using of hackers files .hlp, (use help system “Windows Help”), in targeted attacks. In this case, the researchers note, the priority is given to attacks against government and industrial sectors.

Under assumptions of Symantec, Windows Help files are increasingly being used for targeted attacks because of the success of such attacks do not need to resort to the use of exploits.

“The functionality of the help file permits a call to the Windows API which, in turn, permits shell code execution and the installation of malicious payload files,” – says the expert.

Bloodhound.HLP.1 and Bloodhound.HLP.2 detection heatmap

Bloodhound.HLP.1 and Bloodhound.HLP.2 detection heatmap

According to them, it can not be called a full exploit, but Microsoft has been advised of the breach, and initiated the gradual elimination of the platform in 2006. Among the main threats associated with. Hlp files, Symantec release malicious applications and Trojan.Ecltys Backdoor.Barkiofork. They are generally used by hackers to conduct targeted attacks on the industrial sector.

The Experts report: http://www.symantec.com/…/targeted-attacks-make-winhelp-files-not-so-helpful

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s