Feeds

Bogus Beijing earthquake reports used to spread malware

Playing with Olympic fire

Top 5 reasons to deploy VMware with Tegile

Supected botnet operators are using false reports that a fictitious earthquake near Beijing could disrupt the Olympic games to spread malware.

Samples of the bogus alert doing the rounds, featuring subject lines such as "Million dead in Chinese quake", link to a website on a .cn domain. This site claims a quake measured in at 9.0* on the Richter scale has caused millions of casualties while throwing preparations for the games into turmoil. The page contains links to a supposed video that actually downloads the Nuwar-E worm onto the Windows boxes of marks credulous enough to fall for the ruse.

Net security firm Sophos reports that the .cn domains advertised in that attack are likely to be part of a botnet. Each DNS query for the domains returns a different IP address, indicating a changing network of compromised hosts are serving up the malware.

Using topical events to punt malware is one of the oldest social engineering tricks in the book. Baiting malware traps with "news" about non-existent calamities is hardly unprecedented either.

Its unclear where the hackers behind the latest scam are based. But if they're anywhere in China they are playing with fire. Last week police in south China arrested a man accused of spreading rumors of an impending earthquake after hacking into a government website. The 19 year-old suspect has reportedly confessed to breaking into the official website of the Guangxi earthquake administration on 31 May to spread the rumour, little more than a fortnight after a real earthquake claimed an estimated 68,000 lives in Sichuan province.

The technology worker (identified only by his surname, Chen) carried out the attack out of mischief, or to have "fun" as police sources put it, official Chinese news agency Xinhua reports. Somehow we doubt he's having much fun now. ®

* The Sichuan earthquake was measured at around magnitude 8.0 on the Richter scale. Earthquakes that weight in at over 9.0 on the Richter scale are very rare. The earthquake that triggered the Indian Ocean Tsunami of December 2004 measured 9.3 on the scale and is the second highest ever recorded. So the idea that news of such a disaster would first reach recipients by spam email really beggars belief.

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
FYI this isn't just going to target Windows, Linux and OS X fans
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Home Office: Fancy flogging us some SECRET SPY GEAR?
If you do, tell NOBODY what it's for or how it works
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

10 ways wire data helps conquer IT complexity
IT teams can automatically detect problems across the IT environment, spot data theft, select unique pieces of transaction payloads to send to a data source, and more.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Website security in corporate America
Find out how you rank among other IT managers testing your website's vulnerabilities.