[ISN] Malaysian e-mail virus exploits terrorism fears

From: InfoSec News (isn@private)
Date: Tue Dec 30 2003 - 07:32:07 PST

  • Next message: InfoSec News: "[ISN] Electronic voting firm says hacker broke in"

    http://news.com.com/2100-7349_3-5133874.html
    
    By CNETAsia Staff 
    Special to CNET News.com
    December 29, 2003
    
    A virus hidden in an e-mail purporting to warn of planned terrorist 
    attacks is spreading in Malaysia, according to published reports. 
    
    Potential victims receive a message labeled "Urgent message to all 
    citizens of Malaysia" that claims to warn of five planned terrorist 
    attacks, with the times and places supposedly leaked by an anonymous 
    Malaysian government source. The e-mail says it seeks to minimize the 
    number of terrorist victims by spreading the information on the 
    planned attacks. 
    
    The text of the e-mail contains a link that claims to connect to a Web 
    site with important information regarding the supposed attacks. 
    However, the Malaysian Computer Emergency Response Team (MyCERT) said 
    clicking the link actually triggers the installation of a virus, which 
    attempts to connect to three different Internet hosts. MyCERT's Web 
    site said the virus was similar to the Backdoor.Tofger Trojan horse 
    reported in early December 2003. 
    
    MyCERT also said, according to The Star, that the three Internet hosts 
    to which the virus attempts to connect could have had their security 
    compromised already. MyCERT has already notified the three hosts' 
    system administrators. 
    
    The MyCERT Web site has instructions on how to remove the virus. 
    
    Some viruses have used the lure of pornography to get victims to 
    activate malicious attachments. The Malaysian virus exploits current 
    terrorist fears, and by doing so makes its perpetrators liable for not 
    only the virus itself, but, under Malaysia's harsh Internal Security 
    Act, for the crime of rumor mongering as well. 
    
    Arrests and detentions under e-mail rumor mongering have occurred 
    previously in Malaysia, said The Star. Ten people were arrested in 
    December 2002 for allegedly spreading an e-mail about planned bombings 
    in Malaysia's capital, Kuala Lumpur, and four people were detained in 
    1998 for e-mails that claimed there had been religious riots in Kuala 
    Lumpur. The penalties for spreading false reports or false statements 
    that are likely to cause public alarm are a fine of up to $263 and up 
    to a year in jail. 
    
    The Star said that MyCERT officials had not yet confirmed whether the 
    Malaysian police had been notified of the virus-laden e-mail. 
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Tue Dec 30 2003 - 09:55:29 PST