Trojan attack on pro-Tibet groups
In the last few days, pro-Tibetan groups on the internet have been the target of unusually well-executed attacks using trojans in e-mail attachments. F-Secure reports that the attachments are PDF files which exploit an undisclosed encoding vulnerability in the Adobe Reader to install and run a keylogger. This records everything typed on the infected computer and sends it to server on a well-known Chinese DNS bouncer.
The attack is conspicuous for the quality of its social engineering. The e-mail purports to originate from the Unrepresented Nations and Peoples Organization (UNPO). The PDF document contains an authentic looking declaration of solidarity. In the words of F-Secure, someone is using these techniques to infect targeted computers belonging to members of pro-Tibetan groups in order to spy on their activities.