Feeds

Chinese hackers target media in anniversary run-up

News organisations, NGOs hit by trojan attacks

Remote control for virtualized desktops

Chinese workers in foreign media outlets within China are in the firing line of a new wave of malware-laden emails.

The timing of the emails, in the run-up to the 60th anniversary of the Communist Party's rise to power in mainland China on 1 October, has sparked dark accusations (supported by circumstantial evidence) that the Chinese government might be behind the attacks.

Human rights groups are also getting targeted in the latest wave of cyber-attacks, which are far from unprecedented.

"There is definitely a pattern of virus attacks in the run-up to important dates on the Chinese political calendar," Nicholas Bequelin of Human Rights Watch in Hong Kong told Reuters.

"Whether the government is behind it, closes its eyes to it, supports it or has nothing to with it is unclear. There are also patriotic hackers, so there is no way to know for sure who is behind it."

The latest wave of attacks involves the forwarding of kosher emails from activist organisations together with a fake malware-ridden attachment. The tactic gets around earlier tell-tale signs of malicious emails, such as poor spelling. In addition, email addresses are spoofed to disguise their true origin.

Reuters reports that Chinese workers at foreign news organisations across China received identical emails on Monday, each containing an attachment designed to exploit a recently-patched flaw in Adobe Acrobat. Flaws in Adobe's software applications are becoming a favourite in targeted attacks, second only to Microsoft Office-themed assaults.

The tainted emails posed as a request by a fictitious economics editor called Pam Bouron to line-up interviews in advance of a supposed visit to Beijing. The messages were tailored so that Bouron appeared to work for each of the targeted news outlets: Reuters, the Straits Times, Dow Jones, AFP, and Italian news agency Ansa.

The "Pam Bouron" emails targeted Chinese workers whose names were not typically included in news reports. These workers are hired through an agency which reports to the Chinese Foreign Ministry, a fact seized on by some as circumstantial evidence of possible Chinese government involvement in the ruse.

Many foreign reporters in Beijing and Shanghai received malware-laden emails shortly after the initial attack.

Trojan tainted emails were also sent to foreign news agencies and non-government organisations in the run-up to last year's Beijing Olympics, Reuters adds.

In related developments, Beijing authorities have reportedly tightened physical security in the run-up to a military parade and other celebrations to celebrate National Day. The government has also reportedly mandated the use of stricter ISP-level censorware filters in an attempt to further control internet access in the run-up to 1 October. ®

Internet Security Threat Report 2014

More from The Register

next story
Webcam hacker pervs in MASS HOME INVASION
You thought you were all alone? Nope – change your password, says ICO
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Meet OneRNG: a fully-open entropy generator for a paranoid age
Kiwis to seek random investors for crowd-funded randomiser
USB coding anarchy: Consider all sticks licked
Thumb drive design ruled by almighty buck
Attack reveals 81 percent of Tor users but admins call for calm
Cisco Netflow a handy tool for cheapskate attackers
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Reducing the cost and complexity of web vulnerability management
How using vulnerability assessments to identify exploitable weaknesses and take corrective action can reduce the risk of hackers finding your site and attacking it.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.