SAN FRANCISCO – Computer intruders targeting pro-Tibetan groups, U.S. defense contractors and government agencies slipped in through previously unknown security holes in Microsoft Office, prompting Microsoft to issue a flurry of patches to the popular software suite in 2006 and 2007, according to computer security experts.

These attacks, which appeared to have originated in China, began in early 2006 when the attackers started sending e-mails to victims with booby-trapped Word documents and Excel spreadsheets attached.

"We are seeing more and more spying done with Trojans, a shift that has happened in the last two years," Mikko Hyppönen, the chief research officer for software security vendor F-Secure, told RSA conference attendees Thursday morning.

The Pentagon and pro-Tibet groups have previously acknowledged the intrusions, but Hyppönen is the first to link the cyber espionage to a series of patches that Microsoft pushed out without explanation. Microsoft did not immediately reply to a request for comment.

Hyppönen's colleague Patrik Runald notes that from 2005 through early 2006, Microsoft issued few patches for its Office suite. But soon after there was an explosion of patches for critical bugs that could be used to infect a computer, including a record 26 patches in October, 2006, that fixed four critical bugs in Microsoft Office applications.

Those fixes, Runald says, appeared contemporaneously with the rise of targeted attacks on defense companies, nonprofits and government agencies. "They now have an incentive to begin looking for bugs and exploiting them," Runald said. "Bad guys are finding these things fast."

The attackers relied on e-mails tempting the victim to open the attachments, in some cases by presenting them as résumés from job seekers.

But when the target opened the attachment, the application would usually crash, while the embedded code covertly installed a keylogger and data-stealing software that scooped up documents anywhere on the organization's network to which the user had access.

The malware then forwards the stolen information to services called DNS bouncers in China, such as 8800.org, that attackers can use to obfuscate and rapidly change where stolen documents or passwords are sent. Finally, the code opens up what looks to be a legitimate document, in the hopes that the target won't know his or her computer was just infected.

The espionage was highly successful, according to Hyppönen. One multi-billion-dollar defense contractor who went to F-Secure for help found that a single compromised Windows box had been secretly siphoning information to a server in mainland China for 18 months.

"Most attacks go unnoticed and targets don't know they are hit," Hyppönen said.

Hyppönen won't declare that the espionage is the work of the Chinese government or hackers loyal to it, though all the evidence points that way.

"Is it the Chinese?," Hyppönen asked. "It sure looks like it but it could be a smokescreen. We don't know."

Warnings about targeted attacks are not new, but the increase in espionage against government and nonprofit groups is alarming to experts. In the past, security researchers more often dealt with financially motivated hackers who are after insider trading information, trade secrets or even early copies of movies that could be turned into pirate DVDs before its theatrical release.

"We now have to deal with the criminal doing it for money, and the spies doing it for information," Hyppönen said.

Though Microsoft's patches have shored up security in the Office suite, the attacks continue. A more recent spate of intrusions at government agencies and pro-Tibet and Taiwanese groups have resorted to older, known vulnerabilities. The attackers are using the classic hacking technique of reverse-engineering Microsoft security updates to discover the holes they patch.

Since large organizations can take weeks or months to update all of their machines, the updates provide intruders with a window of opportunity, Runald said.

Such attacks against pro-Tibet groups spiked in recent weeks following the riots in Tibet. On March 17, attackers sent a file purporting to be a statement from the United Nations to a pro-Tibet mailing list. Once opened, the document attempted to install malware that steals PGP encryption keys, as part of an attempt to compromise tools used to keep communications secure, according to Hyppönen.

Like the 2006 and 2007 attacks, the newer intrusions appear to be the work of a single group of hackers: The attack files used on one target are sometimes used within weeks on another. "The files have the same hash," Hyppönen said. It almost a given it is the same attacker."

The cyberspies also do a lot more homework than your run-of-the-mill online criminal, who tries to steal PayPal accounts by sending out millions of e-mails, with no idea whether the recipients actually use the online payment service.

By contrast, the stealthy attackers will try to test their exploits ahead of time by calling the company to quiz a secretary on what kind of anti-virus software the organization uses, claiming, for example, that an e-mail he sent to the company keeps bouncing.

The spies also forge e-mail headers to fool a recipient into thinking a file comes from a co-worker or trusted source. They may even go so far to figure out who a C-level executive plans to meet with, in order to send a very convincing e-mail.

For protection, Hyppönen suggested that companies use F-Secure's free root-kit detection tool, called BlackLight, install security patches rapidly, employ layers of security from different vendors, and monitor internet traffic headed to "funky hosts."

Adobe's Acrobat has also been targeted, and Hyppönen recommended that people use an alternative PDF reader. He also noted that OpenOffice, an open source alternative to Microsoft Office, has not been targeted.

It is also possible for users to notice when they get infected, since exploits usually crash Microsoft Word or Adobe Acrobat Reader before relaunching the application with a real file. That leads to a quick screen flash, and sometimes ends up putting the name of the exploit file in Word's recovered document's pane.

While one might expect banks to be targeted with these kinds of exploits, Hyppönen says he hasn't seen a single one, calling that a clue to the motivations of these attackers.

Runald says the message is clear.

"The enemy is changing," he said. "Now we are also fighting spies."