The Politics Of Malware

I recently saw a provocative tweet from @mikkohypponen that reminded me malware is still quite often politically motivated.

Dark Reading Staff, Dark Reading

November 8, 2010

1 Min Read
Dark Reading logo in a gray background | Dark Reading

I recently saw a provocative tweet from @mikkohypponen that reminded me malware is still quite often politically motivated. "Just got a phone call. Had to remove an image from my last blog post: http://bit.ly/c1S94U Sorry if you missed it."

Of course, I just had to click through to see what was removed and why. Mikko's post deals with the evolution of a Firefox zero-day found on the Nobel Peace Prize website in late October. This time around, attackers are exploiting interest in the Peace Prize via an Adobe Reader/Acrobat exploit (CVE-2010-2883. The exploit is contained in a PDF attachment carried by the email, which masquerades as an invite to the Nobel Prize ceremony.

The removed image that Mikko referenced in his Twitter post was the red herring file displayed when a victim opened the PDF. Curiosity seekers can still see a copy of the decoy in this Contagio blog. Basically, it's a very convincing-looking invitation to "celebrate human rights and the universal message of Liu Xiaobo".

Mary Landesman is an antivirus professional and senior security researcher for ScanSafe, now part of Cisco. In 2009 she was awarded a Microsoft MVP for her work in consumer security.

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights