back to article Rare AutoCAD worm lifted blueprints from Peru, sent them to China

Security watchers have discovered a worm that targets drawings created in AutoCAD software for computer-aided design (CAD). Tens of thousands of drawings have been swiped using the malware, which is likely to have been designed for industrial espionage, according to antivirus firm Eset. The worm, dubbed ACAD/Medre.A, steals …


This topic is closed for new posts.
  1. proto-robbie

    As Father Ted pointed out ...

    ... "I didn't steal it - the money was just resting in my account"

  2. Snot Nice

    Competitive advantage?

    What current / recent infrastructure tenders have Peru offered? Have they publicly disclosed near future plans?

    China is a beast; they do not play by the same rules, take a look at Africa.

    1. Eddy Ito

      Re: Competitive advantage?

      We only know that China hosted the email addresses. It wouldn't be hard for one Peru based company to have conjured the worm to intercept the work of another Peru based company and then relay the data through the Chinese email host in an attempt to kill the e-trail.

      Beast? Rules? Because Europe has historically been such a paragon of virtue? Please do look at Africa and notice most of the mess was left behind when colonies became to much work and the imperial masters walked away. Now wonder why they welcome the Chinese who promise to help. Granted it's just another form of exploitation but at least the Chinese are using a carrot and not a stick to get what they want. And before my fellow Americans get too haughty, do I need to make a list of set-em-up-knock-em-down tin pot dictators like Noriega and Saddam?

      1. Anonymous Coward
        Anonymous Coward

        Re: Competitive advantage?

        "You guys did it first, so its okay for us to do it! To claim otherwise is racist anticompetetive imperialism!"

      2. Hans 1

        Re: Competitive advantage?

        Check up on Liberia and shut up, please.

  3. rvt


    now Peru would craft some nifty Lisp code in the DWG file to spy on the opponent?

    1. mark 63 Silver badge

      dwg / lisp code

      is that how this works? - i thought that too , but reading it gave me the impression that it was just a normal windows type worm that was keeping an eye out for .dwg files and stealing them

  4. Christian Berger

    That's why you keep data and code separate

    At least one of the reasons for doing so.

  5. Anonymous Coward
    Anonymous Coward

    Mind blowing

    Someone in Peru designed something?!

    I thought they offshored that function to space aliens.

    1. Mister_C
      Black Helicopters

      Re: Mind blowing

      Nazca was a long long time ago

  6. Naughtyhorse

    Nazca was a long long time ago

    so that explains the use of autolisp then

  7. Magani


    '...but it doesn't necessarily follow that they were Chinese.'

    Riiiiight. If it walks like a duck and quacks like a duck....

    Penguins never get confused with ducks.

    1. daveeff

      Re: China?

      If it walks like a duck and quacks like a duck... probably needs longer in the oven

    2. Wize

      Re: China?

      "If it walks like a duck and quacks like a duck...."

      ...its probably that wascally wabbit in the old "duck season/rabbit season sketch.

      If you want to start a fight between countries, attack one but let them think the attack as come from the other.

      They probably didn't even want what was inside the cad drawings.

  8. i like crisps

    Pan Pipes,

    What on earth have they been designing in Peru to

    warrant such skulduggery?

  9. Anonymous Coward
    Anonymous Coward

    trial run

    What if the worm was a trial run only before being released in the intended country or worldwide. As nearly everybody assumes there is not much autocad info to steal in Peru and the worm's developers thought that they could test and fine tune it.

  10. Barry Rueger

    Naïve or what?

    Ooh! Evil Chinese!

    I have no doubt that governments of all stripes are running similar operations - like, oh, the Americans and Israelis - as well as a lot of large corporations. Can you say Flame? Stuxnet?

    Beyond that, if this thing is in Peru you can bet your bottom dollar it's everywhere. Just because American companies aren't stepping up to say "We got it too!" doesn't mean it hasn't hit them. It would be silly to think otherwise.

  11. The elephant in the room

    What difference does it make?

    Everyone sends their dwgs to China for manufacturing anyway!

    1. LinkOfHyrule

      Re: What difference does it make?

      This aint malwear, its a productivity app!

  12. This post has been deleted by its author

    1. Captain Scarlet

      Re: treeware

      and lose everything when the PFY tea lackie trips and tips a tray of coffee over papers lieing around.

      The PFY then looks in horror as an eletrical appliances burst into flames meaning all documents are lost.

  13. Crisp


    Totally read that as Merde.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2021