Japanese Government Posts Findings on Remote-Control Virus Distributed Under the “chikan.zip” Filename

On Thursday, the Japanese government’s Information-technology Promotion Agency (IPA) posted the findings of its investigation into malicious software (malware) that allows an attacker to remotely control a victim’s computer.

Police had arrested anime technical director Masaki Kitamura (Gundam 00) in August for sending massacre threats, but released him one month later after they determined that the malware likely enabled someone else to send the threats from Kitamura’s computer. Other individuals held on similar charges were also released, and the government publicly apologized for arresting them.

The malware (labeled by the media and IPA as a “virus”) was distributed as “character substitution software” under the “chikan.zip” filename. (The Japanese word for substitution is “chikan.”) Decompressing the chikan.zip archive reveals the chikan.exe program and a data file. When the user runs chikan.exe to complete the installation, it creates the iesys.exe malware, which allows an outsider to control the user’s computer remotely.

IPA gave the standard advice for preventing this and other malware: “Do not download files from unknown sources and open them” and “Do not carelessly click URL links.”

