“There is no delight in owning anything unshared.”

Cyberattacks May 2013 – Malware on PRU 13 General Elections (Ubah!!)

As Malaysian are excited on the voting days which held at least once every five years. A new Malware has been discovered FinFisher (also called FinSpy). FinSpy is a commercially sold spyware package.


Canada based interdisciplinary laboratory had discovered a sample of FinFisher (a.k.a. FinSpy) surveillance in a Microsoft Word document crafted specifically for Malaysia’s 2013 general elections.

The specifically crafted Malware with the capability of:

  • hijack the camera and microphone.
  • infiltrates computers to grab screenshots.
  • record chat conversations.
  • log keystrokes.

Internet-based sources revealed this attack is targeting on Microsoft Word 2003. It will run VB-Macro and a fake FireFox 14.0 which named as “WINWORD.exe” will be created. The victim’s computer will communicate with the FinFisher Command & Control servers as follow:



  • Block the IP(s) and
  • Be wary before clicking on links or opening files received from known/unknown sources.

May refer to Macro Security Levels in Office 2003 Macro Security Level

Full details by F-Secure: F-Secure Analysis


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s