https://arstechnica.com/information-technology/2018/11/malware-targeting-autocad-is-infecting-companies-all-around-the-world/
By Dan Goodin
Ars Technica
11/27/2018
Criminal hackers continue to exploit a feature in Autodesk's widely used
AutoCAD program in an attempt to steal valuable computer-assisted designs
for bridges, factory buildings, and other projects, researchers said
Tuesday.
The attacks arrive in spear-phishing emails and in some cases postal
packages that contain design documents and plans. Included in the same
directory are camouflaged files formatted in AutoLISP, an AutoCAD-specific
dialect of the LISP programming language. When targets open the design
document, they may inadvertently cause the AutoLISP file to be executed.
While modern versions of AutoCAD by default display a warning that a
potentially unsafe script will run, the warnings can be disregarded or
suppressed altogether. To make the files less conspicuous, the attackers
have set their properties to be hidden in Windows and their contents to be
encrypted.
The attacks aren't new. Similar ones occurred as long ago as 2005, before
AutoCAD provided the same set of robust defenses against targeted malware
it does now. The attacks continued to go strong in 2009. A specific
campaign recently spotted by security firm Forcepoint was active as
recently as this year and has been active since at least 2014, an
indication that malware targeting blueprints isn’t going away any time
soon.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
