ESET, one of the developer of security solutions for home and corporate use, yesterday announced it has uncovered and helped thwart a worm that targets AutoCAD drawings. Tens of thousands of AutoCAD drawings, primarily from users in Peru and a few other Spanish-speaking nations, reportedly were leaking at the time of the discovery.
ACAD/Medre.A a Malware worm was stealing AutoCAD files from infected computers and sending them to e-mail accounts in China. ESET worked with Tencent, the owner of the domain that hosted the suspect e-mail addresses; the Chinese National Computer Virus Emergency Response Center; and Autodesk to stop the file transmissions, the company reports. The e-mail accounts associated with the malware were blocked, preventing further data leakage.
Righard Zwienenberg, senior research fellow at ESET, said, “ACAD/Medre.A represents a serious case of suspected industrial espionage. Every new design [was being] sent automatically to the operator of this malware. Needless to say this can cost the legitimate owner of the intellectual property a lot of money as the cybercriminals have access to the designs even before they go into production. They may even have the guts to apply for patents on the product before the inventor has registered it at the patent office.”
“ACAD/Medre.A is a worm written in AutoLISP, a dialect of the LISP programming language used in AutoCAD. Whilst we classify it as a worm, due to several features that aid its propagation, it can also be labeled as a trojan, as it tries to sneak into a victim system alongside legitimate AutoCAD drawings, or even a virus, as it infects the AutoCAD environment on the target system (similar to the way the Induc virus would infect the Delphi programming environment).”
More info AutoCAD Virus