A video file laced with a malicious rootkit is the latest attempt by hackers to cash in on the Beijing Olympics.
The video appears to be a simple protest cartoon packaged in an executable file. But the 'Race for Tibet' movie also contains a piece of key-logging malware that installs itself as a driver.
The cartoon shows a Chinese gymnast performing in an event along with images from the recent riots and government crackdowns in Tibet. The user is then urged to join a 'race for Tibet' protest.
McAfee researcher Patrick Comiotto warned that the movie initially infects the user with a malicious driver. The file is installed in the '%windir%/system32/' driver folder under the name 'dopydwi.sys'.
The file then proceeds to create a .dll file that logs keystrokes which are later uploaded to a server in China.
The cartoon is the latest in a series of attacks that have tried to take advantage of the recent events in Tibet and the upcoming Olympic games in Beijing.
Malware-laden fake petitions and press releases were sent out to pro-Tibet groups in early March following initial rioting in the region.
By last week, the Trojan involved in those attacks was linked to a larger series of SQL website attacks.
Piggybacking on current events has become a common social-engineering tactic for malware distributors.
Loon's balloons will bring the internet to remote areas of the country
New clues into the biosphere on Earth in the lead up to the emergence of animal life
Planetary collision might shed light on the chaotic processes behind a star's early development
Success boosted by streamer Ninja and celebrity gamers