Chinese Cyberspies Use Malaysian Flight for Attacks
Spies tied to some of China’s largest cyberespionage campaigns are using the disappearance of Malaysian Flight MH 370 to infect computers of governments and think tanks.
Two of the attacks were uncovered by researchers at security company FireEye, who did not immediately respond to requests for interview.
FireEye found the attacks used a modified version of a hacking tool favored in Chinese state-sponsored attacks called Poison Ivy. They also traced the attacks to a group dubbed “Admin@338,” which has been involved in previous Chinese espionage campaigns.
The cyberspies leveraged the Malaysian Flight to gain access. They sent emails to specific targets with an infected file seemingly about the Malaysian flight. If the victim opened the file, it would infect the computer with their espionage tool.
After gaining access, they would be able to monitor the victim’s computer, steal files, or even watch the victim through a webcam.
The group of cyberspies began their attacks on March 10—two days after the Malaysian flight disappeared—and targeted an unnamed foreign government in the Asian Pacific region, according to a FireEye analysis of the campaign.
The individuals sent an email to the target, with an attached file called “Malaysian Airlines MH370.doc.” If the victim opened the file, the cyberspies would then gain access to the computer.
Their next target was “a prominent U.S.-based think tank,” according to FireEye, and the hacking tool was disguised as a Flash video.
In October 2013, Admin@338 was involved in cyberespionage campaigns targeting a U.S. think tank, the Central Bank of an unnamed Western European government, a high-ranking government official in the Far East, and several other targets involved in trade and financial policy.
FireEye noted the 2013 espionage campaign was “apparently focused on gathering data related to international trade, finance, and economic policy.”
The attacks uncovered by FireEye were not the only Chinese attacks that are leveraging the Malaysian flight.
Security company Kaspersky found similar infected files disguised as information on the flight’s disappearance, which it traced back to groups behind some of China’s largest espionage campaigns.
Anyone can join.
Anyone can contribute.
Anyone can become informed about their world.
"United We Stand" Click Here To Create Your Personal Citizen Journalist Account Today, Be Sure To Invite Your Friends.
Please Help Support BeforeitsNews by trying our Natural Health Products below!
Order by Phone at 888-809-8385 or online at https://mitocopper.com M - F 9am to 5pm EST
Order by Phone at 866-388-7003 or online at https://www.herbanomic.com M - F 9am to 5pm EST
Order by Phone at 866-388-7003 or online at https://www.herbanomics.com M - F 9am to 5pm EST
Humic & Fulvic Trace Minerals Complex - Nature's most important supplement! Vivid Dreams again!
HNEX HydroNano EXtracellular Water - Improve immune system health and reduce inflammation.
Ultimate Clinical Potency Curcumin - Natural pain relief, reduce inflammation and so much more.
MitoCopper - Bioavailable Copper destroys pathogens and gives you more energy. (See Blood Video)
Oxy Powder - Natural Colon Cleanser! Cleans out toxic buildup with oxygen!
Nascent Iodine - Promotes detoxification, mental focus and thyroid health.
Smart Meter Cover - Reduces Smart Meter radiation by 96%! (See Video).
| Online: | |
| Visits: | 1,603,319,790 |
| Stories: | 8,149,709 |
Whistler Blowers, Insiders
