Experts fix the growth in the number of targeted attacks with using of the Windows Help File (.hlp).
According to Symantec, an antivirus company experts have recorded the fact using of hackers files .hlp, (use help system “Windows Help”), in targeted attacks. In this case, the researchers note, the priority is given to attacks against government and industrial sectors.
Under assumptions of Symantec, Windows Help files are increasingly being used for targeted attacks because of the success of such attacks do not need to resort to the use of exploits.
“The functionality of the help file permits a call to the Windows API which, in turn, permits shell code execution and the installation of malicious payload files,” – says the expert.
According to them, it can not be called a full exploit, but Microsoft has been advised of the breach, and initiated the gradual elimination of the platform in 2006. Among the main threats associated with. Hlp files, Symantec release malicious applications and Trojan.Ecltys Backdoor.Barkiofork. They are generally used by hackers to conduct targeted attacks on the industrial sector.
The Experts report: http://www.symantec.com/…/targeted-attacks-make-winhelp-files-not-so-helpful