Tibet supporters targeted by Trojans
By Stephen Pritchard,
Internet users downloading pro-Tibet content are being targeted by cybercriminals for the second time in a fortnight.
The latest attack consists of a key-logging application which uses a rootkit to hide itself on users' Windows PCs. According to researchers at IT security vendor McAfee, the malware appears to be sending users' keystrokes to a computer in China.
The malware is hidden in a Flash animation that pokes fun at a Chinese Olympic competitor. But as users play the clip, the Trojan downloads the rootkit and keylogging software to their PCs. The malware is being distributed as an email, RaceForTibet.exe, McAfee found.
It is the second such attack in just a few days. Last week, hackers placed the "Fribet" Trojan on a number of pro-Tibet websites. That exploited a vulnerability in Windows.
According to Dave Marcus, security research and communications manager at McAfee's Avert Labs, the attacks are part of a wider trend for cybercriminals to exploit interest in the Olympics and other current affairs events to distribute malware.
Businesses should warn their computer users about the risks of downloading media files or playing media files contained in unsolicited emails, cautioned Bill Nagel, security researcher at industry analysts Forrester.
Most business-grade anti-virus applications will have been updated to detect the Trojans, he said, and company systems should block users from downloading attachments containing executable code, or .exe files.
"If not, attacks of this kind can be a problem, mostly because rootkits are so difficult to remove," he said.
"Businesses might even have to re-image their computers' hard drives to get rid of the rootkit. Media files have become a very popular way of distributing malware. We had the [Anna] Kournikova Trojan a few years ago... the malware authors try to make their content as attractive as possible. Anything to do with the Olympics is going to reach a wide audience."
IT departments should remind users to be watch out for downloads with executable files attached, he added.
McAfee predicted the growth of targeted malware in a report released late last year.
advertisement
Latest Internet Features
Q&A: DNS inventor Paul Mockapetris
Four months after serious flaws in the internet’s addressing system were proven, its inventor is looking beyond the threats to help bolster web security.
- Q&A: Cuil co-founder Tom Costello
- What does Internet Explorer 8 mean for you?
- Blogging for business
- Social networking in business and branding
- Internet search secrets
- Big IT for CERN's particle smashing experiment
- The saga of Scrabulous
- Q&A: Motorola's enterprise VP John Coon
- IT around the world: Russia
Latest Internet Reviews
Fortinet FortiGate-3810A
Rating: 
advertisement
Latest News Videos in Internet
Video: Q&A with Easynet Connect's Chris Stening
PlayIT PRO spoke to Chris Stening, managing director of Easynet’s SME division, about whether ISPs are giving businesses the service they deserve.
White papers
Want more background on today's hottest IT trends?
Visit IT PRO's white paper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free white papers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
Social Bookmark this article: What is this?