Friday February 27, 2015

AutoCAD worm stealing DWG files

LinkedInTumblrStumbleUponRedditFlipboardDigg

From threatpost.com:

Security researchers have come across a new worm that is meant specifically to steal blueprints, design documents and other files created with the AutoCAD software. The worm, known as ACAD/Medre.A, is spreading through infected AutoCAD templates and is sending tens of thousands of stolen documents to email addresses in China. However, experts say that the worm’s infection rates are dropping at this point and it doesn’t seem to be part of a targeted attack campaign.

Before you start panicking, you should know that most incidences of this worm have been found in Peru.

I’ve  heard about at least one AutoCAD worm in the past. It was a clumsy thing, not written by a serious black-hat.  This one was written in AutoLISP, with its functions wrtten with VisualBasic scripts. It seems to be intended as industrial espionage.

You can read more about this worm in Richard Zwienenberg’s ESET threat blog entry, and get technical details at Robert Lipovsky’s entry.  ESET has made a free stand-alone cleaner, which you may download here.

 

 

Comments
3 Responses to “AutoCAD worm stealing DWG files”
  1.  I understand AutoCAD is still very popular and all, but I just can’t resist to make a pun: “Who sent this worm on a time machine, to the present?”

  2. Bobsbees says:

    It was sent by Autodesk to make it seem like ACAD is still important…

Trackbacks
Check out what others are saying...
  1. […] som har som oppgave å samle og distribuere tekniske tegninger fra selskaper og organisasjoner, DAK-ormer. Slike virus og ormer, sammen med rettede angrep med mål om å stjele intellektuell kapital, vil […]



Leave A Comment

You must be logged in to post a comment.