In a recent blog post, Symantec’s Joji Hamada reported that several death threats posted on Japanese bulletin boards and sent via e-mail have been traced back to a malware infection — but not until the senders were first arrested and questioned by police.
“Among other things, Japanese authorities have seen the malware send out an e-mail that ‘threatened to kill en masse at a shopping center,’ ‘an e-mail sent to an airline’ that ‘threatened to bomb a plane’ and an e-mail sent to a ‘school attended by a member of the Japanese royal family’ that ‘threatened harm against the kindergarten class,’” writes BGR’s Brad Reed.
“From our analysis, we have confirmed that the malware is capable of controlling a compromised computer from a remote location, which is not anything new to malware,” Hamada writes. “Furthermore, from the various functions we have confirmed, the creator has the capability to command the malware to make the threats mentioned above. We have also discovered that a string of characters used to process encrypted communication with the creator is in Japanese and the code is taken from a Japanese website. Therefore, we believe the creator is most likely a person who has a good understanding of the Japanese language.”
“The malicious file is called iesys.exe … Hamada said on the Symantec blog,” writes TechNewsDaily’s Ben Weitzenkorn. “The security company said it discovered at least two versions of the malware, but there may be more. The threat is relatively isolated and can be protected against by remaining vigilant when installing software and by keeping antivirus software up-to-date.”