Posts Tagged ‘DOC files’

Vulnerability

New Trojan uses Google Docs

Antivirus company Symantec has detected a new malicious software using Google Docs, which has become part of Google Drive, as an intermediary for communication with the attack. This approach allows to hide malicious traffic.

New malicious code is included in the family Backdoor.Makadocs and uses the Google Docs Viewer to act as a proxy server to receive instructions from the real command server. Google Docs Viewer was originally created to display the different types of files from remote addresses directly in the operating window Google Docs. “Violating the policy of using Google, Backdoor.Makadocs uses the Viewer to access the C & C-server”, – says Symantec antivirus specialist Takashi Katsuk.

It is possible that the malware author has used this approach to complicate the detection of malicious code from antivirus software, as Google Drive defaults to HTTPS-protected connections, and most of the system analizitorov programmed to recognize Google as a trusted service. (more…)