White House Hacked by Russian Office Chimps

Everyone knows that a cat video can be a straight ticket to YouTube stardom. But monkeys seem to be the new Grumpy Cat in certain White House circles.

Apparently the (alleged) Russian hacking team that infiltrated White House networks last fall did so with the aid of a little monkey business.

The attack compromised a thankfully unclassified network that contained President Obama’s personal schedule and other not-quite-sensitive info, along with, probably, some sensitive emails. And a report last month showed that the perps may have been “far more intrusive and worrisome than has been publicly acknowledged,” an official told the New York Times. But what’s interesting now is the way the hackers got in.

Aping (oh yes!) previous viral video campaigns, the hackers, known as CozyDuke, bundled malware with funny videos, according to Kaspersky Lab. They simply lured recipients into opening email-attached videos, like one entitled ‘Office Monkeys LOL Video.zip’, starring chimpanzees in suits.

I mean really – who can resist? Even if it IS a suspicious, attached ZIP file?

“These videos are quickly passed around offices with delight, while systems are infected in the background silently,” Kaspersky researchers said in an analysis.

The file drops Monkeys.exe, playing a video of white-collar, tie-wearing chimps working in a high-rise office with a human colleague. It then launches player.exe, a CozyDuke dropper maintaining anti-detection techniques. The file collects system information, including security products installed, and goes from there.

Moral of the story, especially if you’re a White House staffer? It’s simple: Just don’t monkey around when it comes to unsolicited attachments. 

What’s Hot on Infosecurity Magazine?