It appears Chinese hackers found a vulnerability in Internet Explorer and Adobe Flash Player and used it to redirect targeted individuals to a site that would install malware on their systems. This zero-day exploit was able to circumvent any pre-existing security to perform the attack undetected. According to Forbes, the malware only existed on its site from November 28 to December 1, 2014. It was probably only reported now to allow investigators time to gather information about the attackers and their malware. Thus, you can be certain they are sure that the attack came from China.
The cyber espionage campaign targeted US defense and financial institutions as well as companies connected to them. Any individuals who visited Forbes during this period are likely to have been infected. If you are one of these people, make sure to scan your system; otherwise, you may at this moment be conducting espionage for the Chinese government.
Forbes itself may no longer be infected, but the Chinese malware may be happily gathering information from many companies and institutions that are totally unaware that they have been victimized. Adobe fixed its vulnerability on December 9th; however, Microsoft only released its patch on Tuesday.
There has been an increase in cyber espionage attacks recently due to the world’s political instability. Companies and government departments can expect attacks to become even more intense as new malware appears daily. The recently discovered Russian-based Inception malware (see my upcoming post) directly targets company executives with one of the most complex attacks ever devised.
Thought of the Day: Your own safety is at stake when your neighbor’s wall is ablaze. - Horace