Malaysian e-mail virus exploits terrorism fears

A virus hidden in an e-mail purporting to warn of planned terrorist attacks is spreading in Malaysia, according to published reports.

Potential victims receive a message labeled "Urgent message to all citizens of Malaysia" that claims to warn of five planned terrorist attacks, with the times and places supposedly leaked by an anonymous Malaysian government source. The e-mail says it seeks to minimize the number of terrorist victims by spreading the information on the planned attacks.

The text of the e-mail contains a link that claims to connect to a Web site with important information regarding the supposed attacks. However, the Malaysian Computer Emergency Response Team (MyCERT) said clicking the link actually triggers the installation of a virus, which attempts to connect to three different Internet hosts. MyCERT's Web site said the virus was similar to the Backdoor.Tofger Trojan horse reported in early December 2003.

MyCERT also said, according to The Star, that the three Internet hosts to which the virus attempts to connect could have had their security compromised already. MyCERT has already notified the three hosts' system administrators.

The MyCERT Web site has instructions on how to remove the virus.

Some viruses have used the lure of pornography to get victims to activate malicious attachments. The Malaysian virus exploits current terrorist fears, and by doing so makes its perpetrators liable for not only the virus itself, but, under Malaysia's harsh Internal Security Act, for the crime of rumor mongering as well.

Arrests and detentions under e-mail rumor mongering have occurred previously in Malaysia, said The Star. Ten people were arrested in December 2002 for allegedly spreading an e-mail about planned bombings in Malaysia's capital, Kuala Lumpur, and four people were detained in 1998 for e-mails that claimed there had been religious riots in Kuala Lumpur. The penalties for spreading false reports or false statements that are likely to cause public alarm are a fine of up to $263 and up to a year in jail.

The Star said that MyCERT officials had not yet confirmed whether the Malaysian police had been notified of the virus-laden e-mail.

CNETAsia staff reported from Singapore.