In association with heise online

26 March 2008, 10:23

Trojan attack on pro-Tibet groups

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

In the last few days, pro-Tibetan groups on the internet have been the target of unusually well-executed attacks using trojans in e-mail attachments. F-Secure reports that the attachments are PDF files which exploit an undisclosed encoding vulnerability in the Adobe Reader to install and run a keylogger. This records everything typed on the infected computer and sends it to server on a well-known Chinese DNS bouncer.

The attack is conspicuous for the quality of its social engineering. The e-mail purports to originate from the Unrepresented Nations and Peoples Organization (UNPO). The PDF document contains an authentic looking declaration of solidarity. In the words of F-Secure, someone is using these techniques to infect targeted computers belonging to members of pro-Tibetan groups in order to spy on their activities.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit