That didn't take long at all.
http://blog.9bplus.com/mandiant-apt2-report-lure
https://threatpost.com/en_us/blogs/spear-phishing-campaigns-use-fake-mandiant-apt1-report-lure-022113
http://www.symantec.com/connect/blogs/malicious-mandiant-report-circulation
So, I got a notification from corporate security that there was a piece of malware around that it taking advantage of the popularity of Mandiant's APT1 report. That's a huge deal, but one should really be checking downloads against Mandiant's posted MD5s anyways.
Bottom-line: do not open it (verifiy the PDF if you can...if you can't don't open it).
I've reported it to ISC.
No comments:
Post a Comment