new "trojan" exploit targets microsoft powerpoint  
     
 


A new Trojan used in the latest zero-day attack against Microsoft Office contains characteristics that indicate corporate espionage as the main motive. A backdoor called Trojan.Riler.F is installing itself as a layered service provider, or LSP, allowing it to access every piece of data entering and leaving the infected computer. The Trojan also opens a back door on the compromised system allowing it to remotely receive commands from the virus writer. The malicious PowerPoint file infects the machine with a piece of malware called Trojan.PPDropper.C. This in turn drops two separate backdoors that give the attack unauthorized access to the compromised computer. The other backdoor, Backdoor.Bifrose.E acts as a keylogger and submits sensitive system information to servers based in China. The PowerPoint exploit arrives from a Gmail address with a subject line in Chinese characters. Users are advised to be cautious and to not open PowerPoint files from unknown or untrusted sources.