Malware writers cash in on Olympics

By

A video file laced with a malicious rootkit is the latest attempt by hackers to cash in on the Beijing Olympics..


The video appears to be a simple protest cartoon packaged in an executable file. But the 'Race for Tibet' movie also contains a piece of key-logging malware that installs itself as a driver.

The cartoon shows a Chinese gymnast performing in an event along with images from the recent riots and government crackdowns in Tibet. The user is then urged to join a 'race for Tibet' protest.

McAfee researcher Patrick Comiotto warned that the movie initially infects the user with a malicious driver. The file is installed in the '%windir%/system32/' driver folder under the name 'dopydwi.sys'.

The file then proceeds to create a .dll file that logs keystrokes which are later uploaded to a server in China.

The cartoon is the latest in a series of attacks that have tried to take advantage of the recent events in Tibet and the upcoming Olympic games in Beijing.

Malware-laden fake petitions and press releases were sent out to pro-Tibet groups in early March following initial rioting in the region.

By last week, the Trojan involved in those attacks was linked to a larger series of SQL website attacks.

Piggybacking on current events has become a common social-engineering tactic for malware distributors.

Events ranging from the Virginia Tech shootings to the execution of Saddam Hussein have been exploited by hackers to infect unwitting users.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
cashinmalwareolympicsonsecuritywriters

Sponsored Whitepapers

Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Protect APIs. Protect Your Business.
Protect APIs. Protect Your Business.
KnowBe4 Benchmark Report: Reducing Human Risk & Phishing Vulnerability in ANZ
KnowBe4 Benchmark Report: Reducing Human Risk & Phishing Vulnerability in ANZ
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt

Events

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack
Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"
International Criminal Court hit by cyber attack

International Criminal Court hit by cyber attack
Ex-student charged over Western Sydney University cyberattacks

Ex-student charged over Western Sydney University cyberattacks
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?