Since the end of June, the media have been talking about a possible new magazine distributed by Al-Qaeda and promoted on various Islamic websites. One reason I was interested by this document was a message I read in some extremist forums saying it could contain viruses and spyware.
In searching I found two documents. Each had 67 pages and each seemed corrupted. The first three pages were readable, but the others contained only ASCII debris. I will not comment here about the content of the first pages; they have been sufficiently debated in the media. (Click to enlarge.)
My first surprise was my PDF reader was able to open the files, despite their appearing to be corrupted. At first, both files looked identical. In closely examining the first nonreadable page, I saw a difference: In one case, the top and bottom margins were visible. Inside, a filename and path puzzled me–C:\Users\m050\Desktop\ellenbca.pdf. (Click to enlarge.)
Searching the web for ellenbca.pdf, I discovered one interesting file: a document on the best cupcakes in America by someone named Dulcy Israel. (I’m not making this up!)
I also found a French blog post named «Al-Qaïda Magazine»: la manipulation dévoilée (in English: the disclosed trick). This post explained that New Yorker Lee Gillentine had analyzed the cupcake file and discovered someone had opened it as an ASCII-encoded file in a Windows-based text editor, printed a PDF from this text editor, and then merged it with the first three pages of the so-called Al-Qaïda Magazine. (Click to enlarge.)
The only thing apparently missing was the white words on black background. But not really! In fact, each nonprintable ASCII character was replaced by its abbreviation. For example, the hex 00 for NULL and the hex 18 for CANCEL, forming NULCAN (shorthand for Null and Cancel). This patterns runs throughout the whole document.
My searches also turned up a possible newspaper with a title and a font very similar to the one I investigated. Found on a web page containing garbage HTML code with Al-Qaeda references, this second discovery left me wondering.
Despite the noise around this assumed Al-Qaeda document, I am unconvinced of its origin. I doubt it is a terrorist creation. Cybercrime and political hacktivism have invaded the Internet, but disinformation can also be a powerful force.
View full post on McAfee Avert Labs
Related Posts
- Free anti-virus for Mac named Best Anti-Malware solution at SC Awards
Who would have thought it? A free anti-virus program for Apple Macs being named best anti-malware solution ahead of those security products for boring old Windows.Well, that's exactly what happened at... - Sophos shortlisted for two awards by SC Magazine Europe 2011
Well well well - isn't this exciting! Sophos has been shortlisted for two awards by SC magazine.
Sophos Anti-Virus for Mac Home Edition is up for Best Anti-Malware Solution, and Sophos is a contende... - Symantec Exposes Innovative Malware (PC Magazine)
PC Magazine - Writing malicious software is a business, and successful businesses innovate. Symantec's research team reports on some painfully innovative new threats.
Full story: Yahoo! News: Sec... - Dating Site PlentyofFish Hacked in Bizarre Scheme (PC Magazine)
PC Magazine - Dating site PlentyofFish.com was hit by hackers this weekend, but rather than a quick data grab, the alleged hacker carried out a scheme that involved tales of Russian mobsters, extorti... - Kinect, Black Ops Top ‘Most Dangerous’ Tech Gift Searches (PC Magazine)
PC Magazine - Today F-Secure released it's annual "Cyber Monday Cyber-Watch List," with the most dangerous gifts consumers will be searching for this Thanksgiving, from a virus search perspective. - ... - Facebook News Feeds Full of Malware, BitDefender Says (PC Magazine)
PC Magazine - There are a lot of bogus posts floating around Facebook. According to data from security company BitDefender, there's harmful content behind about 20 percent of posts on a Facebook news... - PC Magazine Four-Star Review of SafeCentral 2.6
We earned 4 stars in the PC Magazine review of SafeCentral 2.6 that review that appeared on Friday. I am very happy to see the review up on the PCMag.com home page.The reviewer, Neil J. Rubenking, c... - USB Malware Attacks On the Rise (PC Magazine)
PC Magazine - Malware slips in via many weak points. It can come via e-mail, drive-by downloads, or ill-advised clicking—perhaps on a misleading popup. Increasingly, it also comes via USB device... - EU Unveils Strong Online Privacy Rules (PC Magazine)
PC Magazine - The European Commission on Thursday proposed a sweeping overhaul to its data protection laws, which would, among other things, require Internet companies to collect as little data as pos... - Antivirus Protection Varies Widely Between Windows Versions (PC Magazine)
PC Magazine - Antivirus lab AV-Test.org evaluated almost 20 antivirus products under Windows 7 and under Windows XP SP2, with wildly different results. Windows 7 seems to make life easier for most ant...
Posted on 10 July 2010. Tags: Disinformation, Magazine, Play
