Tibet: Trojan Horse Gallops from Beijing, Disguised as Dalai Lama Statement
Offices of the Tibetan exile administration have recently started receiving emails disguised as originating from Sonam N. Dagpo, "Additional Secretary" (sic) of the Department of Information and International Relations (DIIR) in Dharamsala, and purportedly carrying the text of His Holiness the Dalai Lama's 10 March statement as an attached file.
Promptly denying authorship of the insidious emails, Dagpo, Secretary (no longer additional secretary), warned us that the attachment was actually a virus.
Dagpo warned us also not to open any attachment purportedly coming from the official email addresses of other DIIR staffers, such as Tenzin Lekshey and Masood Butt.
Once opened, the attachment is designed to plant a Trojan Horse on the unsuspecting recipient's computer, making its content accessible to the attackers.
The source of the eavesdropping devise was traced by Washington, D.C.-based International Campaign for Tibet to China Railway Telecommunications Center in Xicheng District, Beijing.
This makes it the third round of cyber attacks coming from Beijing and targetting the Tibet movement.
The last attack came in the Fall of 2003 to coincide with the Fourth International Tibet Support Groups Conference in Prague, when an Internet company in Beijing sent out a custom-designed eavesdropper disguised as a message from the conference organizer, Tibetan exile administration offices and major support groups round the world.
Chinese hackers are known to have planted digital spies also on the computer systems of other governments and movements deemed to be hostile.
Victims include Falung Gong, and the governments of South Korea, Taiwan and the United States.
As late as July 2004, nearly 300 South Korean government computers were reportedly infected by "viruses capable of stealing passwords and other sensitive information".
Financial Times reported that the "National Assembly and an atomic energy research institute are among 10 agencies penetrated by the hackers, who were traced to China by the Korean intelligence service."