Tuesday, April 15, 2008

Pro-Tibet supporters targetted by Malware

Internet users downloading pro-Tibet content are being targeted by cybercriminals for the second time in a fortnight.

The latest attack consists of a key-logging application which uses a rootkit to hide itself on users' Windows PCs. According to researchers at IT security vendor MacAfee.

he malware appears to be sending users' keystrokes to a computer in China.

The malware is hidden in a Flash animation that pokes fun at a Chinese Olympic competitor. But as users play the clip, the Trojan downloads the rootkit and keylogging software to their PCs. The malware is being distributed as an email, RaceForTibet.exe, McAfee found.

It is the second such attack in just a few days. Last week, hackers placed the "Fribet" Trojan on a number of pro-Tibet websites. That exploited a vulnerability in Windows.

According to Dave Marcus, security research and communications manager at McAfee's Avert Labs, the attacks are part of a wider trend for cybercriminals to exploit interest in the Olympics and other current affairs events to distribute malware.

Businesses should warn their computer users about the risks of downloading media files or playing media files contained in unsolicited emails, cautioned Bill Nagel, security researcher at industry analysts Forrester.

Most business-grade anti-virus applications will have been updated to detect the Trojans, he said, and company systems should block users from downloading attachments containing executable code, or .exe files.

"If not, attacks of this kind can be a problem, mostly because rootkits are so difficult to remove," he said.

"Businesses might even have to re-image their computers' hard drives to get rid of the rootkit. Media files have become a very popular way of distributing malware. We had the [Anna] Kournikova Trojan a few years ago... the malware authors try to make their content as attractive as possible. Anything to do with the Olympics is going to reach a wide audience."

IT departments should remind users to be watch out for downloads with executable files attached, he added.

1 comment:

Mo said...

It's just not fair.

Google Groups Beta
Subscribe to eMarketing A to Z
Visit this group