Malware Makes Death Threats, Frames Humans
At least three individuals arrested for making online death threats in Japan will not be prosecuted. That's because they didn't actually make them. Even though the violent messages came from accounts linked to the arrestees, the messages were actually sent on behalf of the users by a malicious piece of software.
It was discovered that each of the likely bewildered arrestees were victims of the same malware infection the gives remote control of the infected computer over to the attacker. Authorities believe the cybercriminal or criminals are really the ones responsible for the threats.
The threats showed up in a variety of formats and places. On a government website, a post threatened to kill en masse at a shopping center. In an email sent to an airline, the sender threatened to bomb a plane. In another email, received by a school attended by a member of the Japanese royal family, the sender threatened harm against the kindergarten class.
The malicious file is called iesys.exe, Symantec employee Joji Hamada said on the Symantec blog. The security company said it discovered at least two versions of the malware, but there may be more.
The threat is relatively isolated and can be protected against by remaining vigilant when installing software and by keeping antivirus software up-to-date.
In our world, where social media has quickly become a primary source of information for billions of people, identity fraud can cause havoc in facets of our lives where it never could before. A decade ago, a stolen birth date and Social Security number could become a financial headache. But now, armed with the right info, a malicious person could drain your bank account, wreck your reputation online, rifle through your emails and destroy saved work and important data.
There's a flipside, too.
As people become more comfortable sharing more of themselves and their experiences online, caution often falls by the wayside. It's important to remember that electronic communications sent from accounts that are usually controlled by people you know and trust can and do fall into the wrong hands. Just because a friend's name is on that email, text message, tweet or post, doesn't mean they're the one that sent it; it's an assumption many people make all too often.
Follow Ben on Twitter @benkwx.