Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in you inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
  • Go

Virus E-mail Attacks Aim at pro-Tibetan Activists

Pro-democracy and human rights groups supporting demonstrations against China in Tibet are recently becoming targets of sophisticated and corrupt cyber attacks aimed to shatter the groups' activities and steal confidential information relating to their members and work.

News agency Agence France-Presses reported on March 18, 2008 that in connection with one such sophisticated attack, it got e-mail from a Denmark-based person who had sent a file attachment claiming that it contained pictures of the Chinese army shooting Tibetans. But when the agency attempted to view the attachment, a warning appeared claiming the presence of a virus.

Meanwhile, according to security experts, attackers are implanting malicious programs in e-mails claiming to be coming from reliable colleagues. The e-mail content is actually bait using social engineering to trick recipients into opening the attachment and releasing an exploit.

Chief Research Officer Mikko H. Hypponen at F-Secure explains that the exploit surreptitiously drops and executes a file named C:\ProgramFiles\Update\winkey.exe. InformationWeek published this in news n March 21, 2008.

Hypponen continued to say that the file is actually a keylogger that gathers the keystrokes on the targeted computer and sends it to another computer on the Net at xsz.8800.org. He said that this 8800.org is one DNS-bouncer system from China and while it is not false, yet it has been repeatedly used in various attacks.

Remarking about the level of sophistication in the cyber threats and attacks, provider of IT support for Tibetans, Greg Walton, who is also a researcher of Chinese computer spying at the UK's University of Sunderland, said that it is possible to make only speculations about these attacks. According to Walton, the attacks appear to come from the centrally controlled servers in China but the servers are just the stepping stones. InformationWeek reported this on March 21, 2008.

According to SANS, although the violence is observed as a recent incident, cyber attacks targeting anti-China government entities occurred earlier also back in 2002, as reported by The Register on March 22, 2008. The recent cyber attacks take place while riots erupt in Lhasa, the capital of Tibet, between protesting people and soldiers of the Chinese military.

Related article: Virus Infects Through USB Drives

» SPAMfighter News - 28-03-2008

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next