Malware writers cash in on Olympics

By

A video file laced with a malicious rootkit is the latest attempt by hackers to cash in on the Beijing Olympics..


The video appears to be a simple protest cartoon packaged in an executable file. But the 'Race for Tibet' movie also contains a piece of key-logging malware that installs itself as a driver.

The cartoon shows a Chinese gymnast performing in an event along with images from the recent riots and government crackdowns in Tibet. The user is then urged to join a 'race for Tibet' protest.

McAfee researcher Patrick Comiotto warned that the movie initially infects the user with a malicious driver. The file is installed in the '%windir%/system32/' driver folder under the name 'dopydwi.sys'.

The file then proceeds to create a .dll file that logs keystrokes which are later uploaded to a server in China.

The cartoon is the latest in a series of attacks that have tried to take advantage of the recent events in Tibet and the upcoming Olympic games in Beijing.

Malware-laden fake petitions and press releases were sent out to pro-Tibet groups in early March following initial rioting in the region.

By last week, the Trojan involved in those attacks was linked to a larger series of SQL website attacks.

Piggybacking on current events has become a common social-engineering tactic for malware distributors.

Events ranging from the Virginia Tech shootings to the execution of Saddam Hussein have been exploited by hackers to infect unwitting users.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
cashinmalwareolympicsonsecuritywriters

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?