Hi Libtech,

Katie Kleemola (Security Analyst, Citizen Lab) and Seth Hardy (Senior Security Analyst, Citizen Lab) have just released a new blog post, "Surtr: Malware Family Targeting the Tibetan Community".

As part of our ongoing study into targeted attacks on human rights groups and civil society organizations, the Citizen Lab analyzed a malicious email sent to Tibetan organizations in June 2013. The email in question purported to be from a prominent member of the Tibetan community and repurposed content from a community mailing list. Attached to the email were what appeared to be three Microsoft Word documents (.doc), but which were trojaned with a malware family we call “Surtr”. All three attachments drop the exact same malware. We have seen the Surtr malware family used in attacks on Tibetan groups dating back to November 2012. This blog post details technical characteristics of the malware family and shares MD5s and identifiers.

See the full post here: https://citizenlab.org/2013/08/surtr-malware-family-targeting-the-tibetan-community/

--
Masashi Nishihata
Research Manager, Citizen Lab
Munk School of Global Affairs
University of Toronto
Phone: (416) 946-8903
pgp key: https://citizenlab.org/masashi-key.txt
