In what seems to be a textbook case of industrial cyber-espionage, a new malware steals AutoCAD files.
The malware, written in the LISP programming language, targets sensitive and proprietary information such as blueprints, usually made using AutoCAD software.
Security firm ESET first discovered this virus in February this year, but at that time, instances were an odd occurrence. The recent spike in this malware however brings the issue to center-stage.
Cases of targeted industrial espionage, where a competitor slips in malware to hijack files, to steal designs, eavesdrop on how much the other party would quote in a bid or for other purposes of a similar nature are all too common. However this malware now doing this on a wholesale basis, to do this in a large scale points to some other sinister design.
A deeper study unearthed the malware sending such stolen files to what appears to be a server located in China. The fact that China is renowned for manufacturing cheap goods, and stealing the deisgn to eliminate R&D costs is one way to produce cheap lends credence to the possibility of a Chinese hand.
ESET has since then contacted Tencent, the Chinese service provider under whom the server allegedly resides to shut down the malware’s point of delivery.
This malware, like most other targeted cyber-espionage malware probably spreads through documents and attachments. A good anti-virus program would be an effective deterrent, but the fact that this malware seem to be spreading rapidly suggests that many firms even now fail to deploy even the most basic of protection.