Hackers booby-trap foreign policy group websites

Internet security researchers warned that foreign policy and human rights websites are being booby-trapped by hackers in what appears to be cyber espionage.

As of Monday websites for Amnesty International Hong Kong, the Cambodian Ministry of Foreign Affairs and the US Center for Defense Information (CDI) remained rigged to slip "hostile" code onto visitors' computers, according to Shadowserver Foundation devoted to tracking and reporting Internet threats.

"These attackers are not spreading malware through strategically compromised websites to make friends," Shadowserver researchers Steven Adair and Ned Moran warned in a blog post.

"They are aiming to expand their access and steal data."

Data typically sought included messages, intellectual property, research, and business intelligence such as contracts and negotiations, according to security specialists.

"The CDI website is currently serving up a malicious Flash exploit that ties back to attackers known to engage in cyber espionage," the researchers said.

"This threat group appears to be interested in targets with a tie to foreign policy and defense activities."

In recent weeks, Shadowserver has seen an array of "strategic Web compromises" taking advantage of flaws in Oracle Java and Adobe Flash programs.

The tactic is referred to as a "drive-by" attack by computer security specialists because people's computers are secretly infected simply by visiting a reputable website unaware that it has been booby-trapped by hackers.

A website for the International Institute of Counter-Terrorism at the Interdisciplinary Center in Herzliya, Israel, was listed among those compromised by hackers.

Shadowserver said that it began looking into the hacks after researchers at Websense reported last week that the main page of Amnesty International United Kingdom had been rigged with drive-by malware.

There are indications that a website for the American Research Center in Egypt was briefly compromised last week in a manner similar to the CDI page hack, according to Shadowserver.

Earlier this month the Centre for European Policy Studies website at ceps.eu was similarly compromised, according to the volunteer-based Internet security group.

Shadowserver referred to the hacks as "advance persistent threats," a term used in the industry to refer to cyber espionage by groups such as governments.

"Many of these attackers are quite skilled at moving laterally within an organization and will take advantage of any entry point they have into a network," the researchers said.

"Cyber espionage attacks are not a fabricated issue and are not going away any time soon."

Editor’s note:Yahoo Philippines encourages responsible comments that add dimension to the discussion. No bashing or hate speech, please. You can express your opinion without slamming others or making derogatory remarks.

  • What can void a new car warranty? James Deakin - Wheel Power
    What can void a new car warranty?

    "I was denied warranty once for changing my horn!" One very annoyed reader wrote. "I was told that placing a backup camera will void my warranty" said another. The others are best left in my private inbox as Yahoo! have a swear jar in the office that I do not feel like donating this week's pay to. Continue reading → …

  • Docu exposes destruction of PH marine resources VERA Files - The Inbox
    Docu exposes destruction of PH marine resources

    By Kiersnerr Gerwin B. Tacadena, VERA Files “Gutom (hunger),” Sen. Loren Legarda said is what’s in store for the Filipino people if destruction of the country's marine resources is not stopped. Legarda, chair of the Senate committee on Environment and Natural … Continue reading → …

  • ‘Yolanda’ fiberglass boats modern-day Noah’s ark VERA Files - The Inbox
    ‘Yolanda’ fiberglass boats modern-day Noah’s ark

    By Jane Dasal, VERA Files If you want to save the earth, build a boat. That's what a group of environmentalists is saying, especially if you want to save both the forests and fishermen affected by supertyphoon “Yolanda” (Haiyan). “Haiyan … Continue reading → …

POLL
Loading...
Poll Choice Options