A video file laced with a malicious rootkit is the latest attempt by hackers to cash in on the Beijing Olympics.
The video appears to be a simple protest cartoon packaged in an executable file. But the 'Race for Tibet' movie also contains a piece of key-logging malware that installs itself as a driver.
The cartoon shows a Chinese gymnast performing in an event along with images from the recent riots and government crackdowns in Tibet. The user is then urged to join a 'race for Tibet' protest.
McAfee researcher Patrick Comiotto warned that the movie initially infects the user with a malicious driver. The file is installed in the '%windir%/system32/' driver folder under the name 'dopydwi.sys'.
The driver then creates a .dll file that logs keystrokes, which are later uploaded to a server in China.
The cartoon is the latest in a series of attacks that have tried to take advantage of the recent events in Tibet and the upcoming Olympic games in Beijing.
Malware-laden fake petitions and press releases were sent out to pro-Tibet groups in early March following initial rioting in the region.
By last week, the Trojan involved in those attacks was linked to a larger series of SQL website attacks.
Piggybacking on current events has become a common social-engineering tactic for malware distributors.