Tibet supporters targeted by Trojans
By Stephen Pritchard,
Internet users downloading pro-Tibet content are being targeted by cybercriminals for the second time in a fortnight.
The latest attack consists of a key-logging application which uses a rootkit to hide itself on users' Windows PCs. According to researchers at IT security vendor McAfee, the malware appears to be sending users' keystrokes to a computer in China.
The malware is hidden in a Flash animation that pokes fun at a Chinese Olympic competitor. But as users play the clip, the Trojan downloads the rootkit and keylogging software to their PCs. The malware is being distributed as an email, RaceForTibet.exe, McAfee found.
It is the second such attack in just a few days. Last week, hackers placed the "Fribet" Trojan on a number of pro-Tibet websites. That exploited a vulnerability in Windows.
According to Dave Marcus, security research and communications manager at McAfee's Avert Labs, the attacks are part of a wider trend for cybercriminals to exploit interest in the Olympics and other current affairs events to distribute malware.
Businesses should warn their computer users about the risks of downloading media files or playing media files contained in unsolicited emails, cautioned Bill Nagel, security researcher at industry analysts Forrester.
Most business-grade anti-virus applications will have been updated to detect the Trojans, he said, and company systems should block users from downloading attachments containing executable code, or .exe files.
"If not, attacks of this kind can be a problem, mostly because rootkits are so difficult to remove," he said.
"Businesses might even have to re-image their computers' hard drives to get rid of the rootkit. Media files have become a very popular way of distributing malware. We had the [Anna] Kournikova Trojan a few years ago... the malware authors try to make their content as attractive as possible. Anything to do with the Olympics is going to reach a wide audience."
IT departments should remind users to be watch out for downloads with executable files attached, he added.
McAfee predicted the growth of targeted malware in a report released late last year.
advertisement
Latest Internet Features
The continued curse of cybersquatting
For some, it’s a problem confined to the early days of the Internet. But current figures suggest that the cybersquatting problem is, if anything, growing.
- Where next for Microsoft, Yahoo and Google?
- Top 10 reviews of 2008
- The year in IT news
- Top 10 security stories of 2008
- 15 tech charities that need your help
- Christmas Gadget Roundup
- Why enterprise search is not internet search
- Web helps Wiggly Wigglers win big
- Netbooks vs. Smartphones: Making business mobile
Latest Internet Reviews
EXCLUSIVE - eSoft ThreatWall 250
Rating: 
advertisement
Latest News Videos in Internet
Video: Q&A with Easynet Connect's Chris Stening
PlayIT PRO spoke to Chris Stening, managing director of Easynet’s SME division, about whether ISPs are giving businesses the service they deserve.
White papers
Want more background on today's hottest IT trends?
Visit IT PRO's white paper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free white papers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
Social Bookmark this article: What is this?