China-Tibet row spills over into malware attacks

Both sides of debate targeted to spread malicious code.

With the political row over China's involvement in Tibet continuing to make the headlines, cybercriminals have been as quick as ever to exploit the public interest in the topic, using the story as a hook for several malware attacks.

The first was as wave of SQL-based attacks probing websites related to the Free Tibet movement for vulnerabilities, and where possible injecting malicious code which caused visitors to be exposed to drive-by downloads of remote-control software. A few days later, a political cartoon apparently supporting the Free Tibet position was seen disguising an install vector for a keylogger stealthed with a rootkit.

Details on the two attacks are blogged at McAfee here and here.

16 April 2008

Tags: china, drive-by download, keylogger, malware, politics, rootkit, sql injection. del.icio.us digg this