Malware jumps on the Olympic bandwagon

Following on from the recent campaign of Tibet and the Beijing Olympics, Malware writers are now attempting to take advantage of unsuspecting PC users, as a video file that contains a dangerous rookit is being used.

The video is a relatively harmless cartoon that portrays a protest in the form of Chinese gymnast performing which images of the recent riots and government involvement in Tibet are shown, which is packaged in an executable file.

The video entitled the ‘Race for Tibet’ contains key-logging malware that installs itself as a driver.

Patrick Comiotto, a researcher at McAfee has exposed the system as the movie itself infects the driver and the file is installed under the name ‘dopydwi.sys’.

The file then creates a .dll file that contains the keystrokes, which is then uploaded in china by a server.

Earlier last month fake petition and press releases as well as emails of support were sent to pro-Tibet groups after the initial riots, all of which were laden with Malware.

Hijacking current and controversial events such as the Virgina tech shooting and the execution of Saddam Hussein along with landmark dates such as valentines day have become a new and effective target for Malware writers.