Cybercriminals attach malicious Ichitaro files to spear phishing emails

Jun 20, 2013 00:41 GMT  ·  By

Back in February, Symantec reported identifying cyberattacks that leveraged a zero-day in Ichitaro, a popular Japanese word processor developed by JustSystems. The attacks, which began in mid-January, only target Japanese users. 

On Tuesday, JustSystems published an advisory to warn users that the Ichitaro vulnerability was being exploited in targeted attacks. The company provides patches for the security hole in question and advises all its customers to apply them as soon as possible.

According to Symantec, the flaw has been exploited in targeted attacks since May, but the volume of attacks has been minimal.

Cybercriminals are sending out spear phishing emails that contain a specially crafted Ichitaro document file.

When the recipient opens the document, a backdoor Trojan, which allows the attackers to take over the infected computer, is dropped.