From: "Rich Gauszka" 

I've seen articles hinting at industrial sabotoge.  I take it many of these
exploits use the free host bouncing services?

http://www.eweek.com/article2/0,1895,1992128,00.asp
Symantec, of Cupertino, Calif., said the Trojan also opens a back door on
the compromised system and connects to the "soswxyz.8800.org"
domain. The Trojan then listens and waits for commands from a remote
attacker.

Alfred Huger, senior director of engineering at Symantec, said the dirty
PowerPoint file infects the machine with a piece of malware called
Trojan.PPDropper.C which in turn drops two separate backdoors that give the
attack unauthorized access to the compromised computer.

The first Trojan, called Backdoor.Bifrose.E, logs keyboard strokes, hijacks
sensitive system data and transmit the information back to a remote server
hosted in China.

F-Secure, an anti-virus vendor with headquarters in Finland, said the
Bifrose backdoor file is an uncompressed PE executable that is encrypted
with a simple algorithm. The backdoor is programmed to connect to
"pukumalon.8800.org," which is a free host bouncing service in
China.

"Geo"  wrote in message
news:44c15e64$1{at}w3.nls.net...
> Nice stealth virus.
>
> Geo.
>
> "Rich Gauszka"  wrote in message
> news:44c1344c{at}w3.nls.net...
>>
>>
> http://news.yahoo.com/s/nm/20060720/tc_nm/microsoft_virus_dc;_ylt=AhcX11OUbWo
d9ODv9UMp0PhT.3QA;_ylu=X3oDMTA5aHJvMDdwBHNlYwN5bmNhdA--
>>
>>  SEATTLE (Reuters) - Microsoft Corp. warned about a new computer virus
> that
>> exploits a vulnerability in its PowerPoint presentation software to allow
>> hackers to infiltrate computer systems.
>> Microsoft issued an advisory on the company's security Web log on July 17
>> about the virus, which is carried out when a user launches a PowerPoint
>> attachment to an e-mail or opens a file provided to them by the attacker.
>>
>> Hackers could also lure users to a Web page that offers content or
>> advertisements containing a file that exploits the PowerPoint software,
>> Microsoft said. The vulnerability applies to PowerPoint 2000, 2002 and
> 2003.
>>
>> Once the user triggers the corrupt PowerPoint file, the virus installs a
>> keystroke logging system to capture everything typed on the machine. It
> also
>> leaves the machine open to having a hacker install other malicious
> programs.
>>
>>
>>
>>
>
>

--- BBBS/NT v4.01 Flag-5