Please Be Careful When Stealing “Lust, Caution”

Posted on November 18, 2007
Filed Under China Hackers, China Internet, China Online Games, Intellectual Property, Malware, Security |

The director Ang Lee’s new film Lust, Caution is proving to be a hit in China. I haven’t seen it yet, but it has hit the DVD stores here already. When the film was released to the theaters in China, seven minutes of really naughty sex scenes were deleted to appease the censors. The film was given an NC-17 rating the US. That means there’s enough sex in it to make teenagers want to watch it, but not enough for them to watch the whole thing.

As with any popular film, bootlegs were quickly available on file sharing sites in China. Hackers in China were quick to spot an opportunity to attack the film’s fans.

Shanghai Daily reports:

The virus, embedded in websites that provide online video or download services of “Lust, Caution”, could be spread to personal computers if they download the movie or just click the link to take a look, security software producer Rising said. The virus can also attack other computers through infected flash disks and mobile hard disks.

According to company statistics, several hundred websites featuring “Lust, Caution” have been embedded with the virus as of Friday.

Computers attacked by the virus will find their screen has turned blue. Users may also lose their on-line game accounts, according to Rising.

This sort of thing is quite common on the Chinese internet. A site is hacked and malicious code is added to web pages. When a victim connects to the site a script will run that attempts to exploit a known vulnerability in a browser. The large volume of unlicensed and unpatched Windows computers in China provide excellent tinder for a virus wildfire.

This means of infection requires the user to actually go to an infected site to be exposed to the virus. That’s what is so clever about targeting sites related to “Lust, Caution”. It occurred to some hacker that the popularity of the movie would generate a lot of corresponding internet chatter. By infecting sites associated with the movie the hacker was sure to get wide exposure for the virus.

The article only mentions it in passing, but the virus is a trojan designed to harvest online gaming account information and send it back to the hacker. Online gaming and internet messaging accounts are the most popular targets for Chinese hackers (particularly Tencent’s QQ messaging application).

Agence France-Presse, via Yahoo quotes a wages-of-sin remark from Xinhua:

Ang Lee’s steamy “Lust, Caution” has become a massive hit in China, and the award-winning film is also helping spread online computer viruses, state media said Sunday.

Internet users who download the World War II erotic thriller are very likely to see their computers infected because hackers are planting viruses on sites where it can be acquired, Xinhua news agency said.

The issue highlights emerging security problems as a growing number of Chinese download movies from the Internet, it said.

The virus has nothing to do with the bootleg film. The virus is in the web page, not the video file.

Video files have yet become a vector for viruses and other malware. The video file would need to subvert the application playing it to be able to infect a computer. This past October some security researchers at Georgia Tech made the very bold pronouncement that this might happen sometime in the future.

So if you are planning on stealing “Lust, Caution”, just make sure you have the latest security patches for your browser installed and are limiting the scripts that a site can run in your browser.

Oh, and let me know if you find a seven minute version.