[liberationtech] Surtr: Malware Family Targeting the Tibetan Community
Masashi Nishihata
masashi at citizenlab.org
Fri Aug 2 13:25:32 PDT 2013
Hi Libtech
Katie Kleemola (Security Analyst, Citizen Lab) and Seth Hardy (Senior
Security Analyst, Citizen Lab) have just released a new blog post
"Surtr: Malware Family Targeting the Tibetan Community".
As part of our ongoing study into targeted attacks on human rights
groups and civil society organizations, the Citizen Lab analyzed a
malicious email sent to Tibetan organizations in June 2013. The email in
question purported to be from a prominent member of the Tibetan
community and repurposed content from a community mailing list. Attached
to the email were what appeared to be three Microsoft Word documents
(.doc), but which were trojaned with a malware family we call “Surtr”.
All three attachments drop the exact same malware. We have seen the
Surtr malware family used in attacks on Tibetan groups dating back to
November 2012.
This blog post details technical characteristics of the malware family and
shares MD5s and identifiers.
See the full post here:
https://citizenlab.org/2013/08/surtr-malware-family-targeting-the-tibetan-community/
--
Masashi Nishihata
Research Manager, Citizen Lab
Munk School of Global Affairs
University of Toronto
Phone: (416) 946-8903
pgp key: https://citizenlab.org/masashi-key.txt