The cartoon shows a Chinese gymnast performing in an event along with images from the recent riots and government crackdowns in Tibet. The user is then urged to join a 'race for Tibet' protest.
McAfee researcher Patrick Comiotto warned that the movie initially infects the user with a malicious driver. The file is installed in the '%windir%/system32/' driver folder under the name 'dopydwi.sys'.
The file then proceeds to create a .dll file that logs keystrokes which are later uploaded to a server in China.
The cartoon is the latest in a series of attacks that have tried to take advantage of the recent events in Tibet and the upcoming Olympic games in Beijing.
Malware-laden fake petitions and press releases were sent out to pro-Tibet groups in early March following initial rioting in the region.
By last week, the Trojan involved in those attacks was linked to a larger series of SQL website attacks.
Piggybacking on current events has become a common social-engineering tactic for malware distributors.
Events ranging from the Virginia Tech shootings to the execution of Saddam Hussein have been exploited by hackers to infect unwitting users.
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
.png&w=100&c=1&s=0)
Digital NSW 2025 Showcase
_(1).jpg&h=140&w=231&c=1&s=0)
