Upload

Loading icon Loading...

This video is unavailable.

Opening the email that was used to hack RSA

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to like FSLabs's video.

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to dislike FSLabs's video.

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to add FSLabs's video to your playlist.

Published on Aug 26, 2011

In this video you can see us opening the very email that was used to break into RSA / EMC in March 2011. The email is opened to Outlook and the attachment is launched. The attachment is an XLS file which has no content except an embedded flash object. The object shows up as a [X] symbol in the spreadsheet. Flash is executed by Excel and it uses the CVE-2011-0609 vulnerability to execute code and to drop a Poison Ivy backdoor to the system. After this, the exploit code closes Excel and the infection is over. After this, the attacker has full remote access to the infected workstation and full access to network drives that the user can access. Video done by F-Secure Labs

Loading icon Loading...

Loading icon Loading...

Loading icon Loading...

Loading icon Loading...

Ratings have been disabled for this video.
Rating is available when the video has been rented.
This feature is not available right now. Please try again later.

Loading icon Loading...

Loading...
Working...
to add this to Watch Later

Add to