Symantec Unmasks Trojan Hiding on Legit Google Docs Function
By Erik Pineda | November 20, 2012 12:30 PM EST
Anti-virus specialist Symantec has unmasked a new malware that exploits a function of Google Docs to secretly communicate with its command and control (C&C) server, likely infecting even new machines running on Windows 8 and Windows Server 2012.
In a blog post published Friday last week, Symantec researcher Takashi Katsuki identified the Trojan as a new variation of malware belonging to the Backdoor.Makadocs family, which "uses the Google Drive Viewer feature as a proxy for receiving instructions from the real C&C," according to IDG News.
"In violation of Google's policies, Backdoor.Makadocs uses this function to access its C&C server," Mr Katsuki warned.
The malware, he added, is fully capable of siphoning off information from targeted machines and can be used by its 'handler' to remotely dispatch instructions and commands.
It appears that the malware author is taking advantage of the secured connection affiliated with Google Docs, a Google service that is now included with its cloud division Google Drive, to cloak its malicious traffic, Mr Katsuki further explained.
Backdoor.Makadocs is also believed to be recently unleashed since it can operate within the relatively new environment of Microsoft's operating system, prompting suggestions from Symantec researchers that the malware was recently revised for the new OS and server from the tech giant.
Citing data provided by Symantec, SCMagazine reported on Monday that around 100 infections attributed to Backdoor.Makadocs have been reported in Brazil, pointing to the likelihood that the revised malware is currently on testing stage.
Nonetheless, users are warned not to open rich text format (RTF) and document (DOC) files they received from unknown or unverified sources.
They normally are sent via phishing emails, Mr Katsuki said, and they attempt "to pique the user's interest with the title and content of the document and trick them into clicking on it and executing it."
Google has been made aware of the issue, Symantec said, adding that the tech giant could easily block the malware's intrusive functions by reconfiguring its firewall.
In a statement, Google said it is currently monitoring the problem and ready to implement appropriate actions.
"Using any Google product to conduct this kind of activity is a violation of our product policies ... We investigate and take action when we become aware of abuse," the internet giant's statement was quoted by SCMagazine as saying.
To contact the editor, e-mail:
Most Popular Slideshows
- Typhoon Rammasun Claims 18 Lives in China, Incurs $4.32B Losses (PHOTOS)
- Malaysia Airlines MH17: Vital Black Boxes Finally Land in Hands of Malaysian Authorities, Rebels Announce Ceasefire (PHOTOS/VIDEOS)
- Photos from the Crash Site of Malaysia Airlines MH17 In Ukraine
- Selena Gomez Turns 22 Today, Celebrates Early without Justin Bieber: Top 12 Interesting Facts About the Singer [SEE PHOTOS]
Join the Conversation
- Malaysian Airlines Flight 17: Air Carrier to Give $5,000 Assistance to Victims’ Families; Bankruptcy Looms as 2 Air Mishaps Would Cost Firm Minimum $80.55 M Compensation
- Foxconn And Pegatron Corp Readies For Apple's iPhone 6 Mass Production This Month
- KFC & McDonald’s Accused of Serving ‘Expired’ Meat to Customers
- Malaysian Airlines Ukraine Tragedy Hits Asian Stock Markets
- Fairfax Chief Executive Greg Hywood Reiterates Commitment to Radio; No Merger With Macquarie Radio
- Fresh Leak Hints iPhone 6 Price and Release Date; 4.7-Inches iPhone 6 Sapphire Display Scratched in Test; New Spigen Cases Out
- iPhone 6 2014 Release Date Very Soon as Apple Orders 120M New iPhones from Foxconn – Report
- Google Nexus 6 on Release Date Will Sport 2K Display Panel & Lower Price Tag – Report
- Motorola Moto G Vs. Xiaomi Mi3 – Low in Price, High -level Features
- FCC Approves Sony Xperia Z3 for U.S. Market
- Killer Xiaomi Mi4 at $369 Likely to Come With 5.0-Inch Display, Snapdragon 801 Processor, 3GB RAM and More
- Sony PlayStation 4 Outsells a Resurgent Xbox One in June