Securobods claim Middle East govts' fingerprints all over malware flung at journos Researchers at Toronto-based Citizen Lab have shot down denials by Syria, Bahrain and the United Arab Emirates regarding attacks against activists, journalists and dissidents, labelling some of the assaults as incompetent. The team gathered tens of thousands of documents and files detailing the malware and social engineering …
FinSpy Campaign. Beginning in April 2012, the authors received 5 suspicious e-mails from US and UK-based activists and journalists working on Bahrain. We found that some of the attachments contained a PE (.exe) file designed to appear as an image. Their filenames contained a Unicode right-to-left override (RLO) character, causing Windows to render a filename such as gpj.1bajaR.exe instead as exe.Rajab1.jpg.
The other .rar files contained a Word document with an embedded ASCII-encoded PE file containing a custom macro set to automatically run upon document startup." ref
Back in the 20th century, in a few comments I haven't been able to retrace, I made the point that there was a major upside to the activities of the then malware (mostly irritants produced by script kiddies et al). Viz, that it was forcing us to repair the gaping holes left in our online and offline security arising from the innocent design framework created by the architects of the intaweb who, initially at least, believed that it would be restricted to communications between respectable university folk and no one in their right mind would deliberately use the open doors to insert malicious software.
Now it is widely acknowledged that States have become malware producers and major security attackers, I'm feeling somewhat vindicated. The situation is bad, but consider what things would be like if we hadn't spent the last 20 years developing firewalls and malware protection...
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
