Pro-Tibetan Aimed Cyberattacks

People supporting the Tibetan cause have more to worry about than Chinese censorship and retaliation, there’s a new wave of attacks aimed at them and in many aspects it’s far more dangerous. The human rights
groups that are sympathetic to the anti-Chinese protesters are targeted by cybercriminals, and the messages are all designed in such a way that anti-virus tools will not detect them as being malicious.

The emails all have attachments, a welcomed change from the usual links within the text, but the formats and the blending with malicious code is worrying to say the least. PDF, Microsoft Word and Microsoft Excel formats have been changed to install keyloggers among other malware. Security company F-Secure has provided additional information on the matter, including the means of propagating the unwanted emails and their contents: "These emails have been sent to mailing lists, private forums and directly to persons working inside pro-Tibet groups. Some individuals have received targeted attacks like this several times a month."

Should you receive an email that has attached one of the following files, delete them right away, or, under no circumstance download them, as the malware is automatically installed upon opening: UNPO Statement of Solidarity.pdf, Daul-Tibet intergroup meeting.doc and tibet_protests_map_no_icons__mar_20.ppt. The documents appear to contain legitimate information in support of the protests in the Tibetan capital of Lhasa between Chinese soldiers and those militating for Tibet having more independence.

Attacks against supporters of an anti-Chinese government movement are dating back to 2002, according to SANS, and previous targets include Falun Gong and the Uyghurs. The current crisis is very controversial, both in aim and in course of action, as the Chinese government has declared that 19 people have been killed in the riots, but the Tibetan government, exiled now, states that at least 99 have lost their lives.

[Source: softpedia]