Not open for further replies.


Staff member
Security researchers from Symantec warn of highly targeted attacks that leverage the crisis in Libya to deliver an exploit via email and infect key computers.

The emails pose as replies to previous messages about the current situation in the Arab country and bear subjects like "Re: DISCUSSION - the final battle in Libya?"

Their body contains a very short message reading "I agree with this point," however, a formatting error results in a broken </html tag to also appear at the end.

The short message has the purpose of diverting recipients' attention towards the attached document called "EconomicStakes in Libya's Crisis.doc".

If opened, the document tries to exploit an Office RTF stack buffer overflow vulnerability, identified as CVE-2010-3333 and patched by Microsoft back in November.

Successful exploitation allows the attacker to execute arbitrary code on the system. In this case a piece of malware is installed.

According to Symantec, the attacks intercepted by the company targeted a number of 27 individuals within six different organizations involved in human rights activism, humanitarian aid or the analysis of foreign affairs and economic development.

More details - link
Not open for further replies.