see http://www.fireeye.com/blog/uncatego...d-attacks.html for technical information.