The attack takes a little doing to complete successfully but it is very effective. A malformed shortcut, usually present on a USB drive can install a rootkit on your PC, simply by displaying the shortcut icon. The exploit lies in the way that Windows handles shortcuts to Control Panel icons and is helped by the fact that part of the malware payload it installs masquerades its self as signed drivers from Realtek, though that particular identifier has now been revoked. To make matters worse Ars Technica reports, there is a specific target, Siemens’ SIMATIC WinCC software which is used to control and monitor manufacturing plants, power generation facilities and oil and gas refineries. This one is not just inconveniencing users, some real mayhem could ensue from a successful attack.
"Reports have been circulating for a few weeks about a new attack being targeted at certain Windows users that used USB memory sticks to propagate. More details have now emerged, including confirmation from Microsoft that a new flaw exists and is being exploited."
Here is some more Tech News from around the web:
- Foxconn becomes the second-largest notebook supplier of HP in 2011 @ DigiTimes
- The TR Podcast 68: Lunchbox PCs, Nvidia’s latest, and Just be-Cause
- Olympus PEN E-PL1: Positive Development of the PEN Concept @ InsideHW
- Microsoft Windows 7 Service Pack 1 Roadmap Rev. 1.2 @ TechARP
- Sony Alpha NEX-5 Review @ TechReviewSource
- Herman Miller Embody Chair Review @ Benchmark Reviews
- Joby Gorillatorch Original @ Rbmods
- Sony Alpha NEX-3 review @ t-beak
- Intel Can’t Ship Their Own Driver With Their MeeGo OS @ Phoronix