/

Malware targets users seeking info on Islamic State group

by

Staff Writer

Sophisticated computer malware has been infecting computers when users visit certain blogs that discuss the Islamic State militant group.

The Tokyo-based Cyber Defense Institute said Wednesday that several Arabic-language blogs offering apparently independent analysis of issues around the Islamic State contain hidden code which gets injected into the user’s computer when the text is translated using an automated online translation tool. Japanese and English are two translation languages in which this is known to happen.

“Although it’s difficult to identify the attacker, we believe it’s a cyberattack targeted specifically toward firms or individuals who are now doing research on counterterrorism,” said Toshio Nawa, the director of the institute, which is located in Chuo Ward.

Nawa said the institute began to examine the sites after being approached by victims who knew their computers had been compromised and reported the loss of IDs and passwords.

The institute said it has identified at least three occasions in which a user’s computer was infected with malware after activating the automated translation function offered by search engines such as Google, Bing and Excite.

The function displays pages with all foreign text, in this case Arabic, converted into one of more than 50 other languages, but in the case of these blogs the computer also receives malware.

Nawa said the infected Arabic-language blogs were originally shared via social media, especially on Twitter and Facebook.

“The blog sites disappeared after a few days, so it’s difficult to track down who it was that originally wrote the blogs,” he said.

Nawa said he feels the blogs must have been written with the intention of reaching a specific kind of victim, as the attacker knows that there is a “high possibility that people interested in the topic will look for information written in the original language.”

He added, the attacker’s choice of Arabic might be due to the fact that they were targeting users who were searching for more in-depth analysis of the militant group.

Nawa said although it is impossible to prevent this kind of attack, talking about it is useful “to raise awareness, especially among those involved in counterterrorism duties.”

He urged users to exercise caution on the Internet.

“They have to be cautious when they come across blogs that are written in Arabic, and don’t immediately use automatic translation functions to find out what they mean,” Nawa said.