[prev in list] [next in list] [prev in thread] [next in thread] 

List:       isn
Subject:    [ISN] Malaysian e-mail virus exploits terrorism fears
From:       InfoSec News <isn () c4i ! org>
Date:       2003-12-30 15:32:07
Message-ID: Pine.LNX.4.44.0312300931580.28662-100000 () idle ! curiosity ! org
[Download RAW message or body]

http://news.com.com/2100-7349_3-5133874.html

By CNETAsia Staff 
Special to CNET News.com
December 29, 2003

A virus hidden in an e-mail purporting to warn of planned terrorist 
attacks is spreading in Malaysia, according to published reports. 

Potential victims receive a message labeled "Urgent message to all 
citizens of Malaysia" that claims to warn of five planned terrorist 
attacks, with the times and places supposedly leaked by an anonymous 
Malaysian government source. The e-mail says it seeks to minimize the 
number of terrorist victims by spreading the information on the 
planned attacks. 

The text of the e-mail contains a link that claims to connect to a Web 
site with important information regarding the supposed attacks. 
However, the Malaysian Computer Emergency Response Team (MyCERT) said 
clicking the link actually triggers the installation of a virus, which 
attempts to connect to three different Internet hosts. MyCERT's Web 
site said the virus was similar to the Backdoor.Tofger Trojan horse 
reported in early December 2003. 

MyCERT also said, according to The Star, that the three Internet hosts 
to which the virus attempts to connect could have had their security 
compromised already. MyCERT has already notified the three hosts' 
system administrators. 

The MyCERT Web site has instructions on how to remove the virus. 

Some viruses have used the lure of pornography to get victims to 
activate malicious attachments. The Malaysian virus exploits current 
terrorist fears, and by doing so makes its perpetrators liable for not 
only the virus itself, but, under Malaysia's harsh Internal Security 
Act, for the crime of rumor mongering as well. 

Arrests and detentions under e-mail rumor mongering have occurred 
previously in Malaysia, said The Star. Ten people were arrested in 
December 2002 for allegedly spreading an e-mail about planned bombings 
in Malaysia's capital, Kuala Lumpur, and four people were detained in 
1998 for e-mails that claimed there had been religious riots in Kuala 
Lumpur. The penalties for spreading false reports or false statements 
that are likely to cause public alarm are a fine of up to $263 and up 
to a year in jail. 

The Star said that MyCERT officials had not yet confirmed whether the 
Malaysian police had been notified of the virus-laden e-mail. 



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo@attrition.org with 'unsubscribe isn'
in the BODY of the mail.
[prev in list] [next in list] [prev in thread] [next in thread]