Malware writers cash in on Olympics

By

A video file laced with a malicious rootkit is the latest attempt by hackers to cash in on the Beijing Olympics..


The video appears to be a simple protest cartoon packaged in an executable file. But the 'Race for Tibet' movie also contains a piece of key-logging malware that installs itself as a driver.

The cartoon shows a Chinese gymnast performing in an event along with images from the recent riots and government crackdowns in Tibet. The user is then urged to join a 'race for Tibet' protest.

McAfee researcher Patrick Comiotto warned that the movie initially infects the user with a malicious driver. The file is installed in the '%windir%/system32/' driver folder under the name 'dopydwi.sys'.

The file then proceeds to create a .dll file that logs keystrokes which are later uploaded to a server in China.

The cartoon is the latest in a series of attacks that have tried to take advantage of the recent events in Tibet and the upcoming Olympic games in Beijing.

Malware-laden fake petitions and press releases were sent out to pro-Tibet groups in early March following initial rioting in the region.

By last week, the Trojan involved in those attacks was linked to a larger series of SQL website attacks.

Piggybacking on current events has become a common social-engineering tactic for malware distributors.

Events ranging from the Virginia Tech shootings to the execution of Saddam Hussein have been exploited by hackers to infect unwitting users.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Log In

  |  Forgot your password?