Chinese Malware

Just ahead of the G20 meeting on the Syrian crisis, a new piece of evidence has surfaced pointing towards a cyber attack on the summit which, according to FireEye, originated in China. These attacks have infiltrated the confidential documents about the Syrian crisis of at least nine government ministries since August 2013. FireEye, a security platform that provides real-time threat protection to enterprises and governments, has detected a flow of malicious emails aimed particularly at the foreign ministries of the targeted nations, suggesting that the motive of the attacks was not merely email phishing but the theft of classified diplomatic information.

The report issued by FireEye does not name the attacked nations. However, The New York Times claims to have the list of the compromised ministries. This list reportedly includes countries like the Czech Republic, Portugal and Hungary. FireEye has dug up strong evidence that points to China as the culprit. The report strongly suggests that the attacks were staged by Chinese natives but does not confirm any involvement of the Chinese government or military agencies, which are already under criticism due to their alleged links to similar cyber attacks in the past.

FireEye counter-hacked and tracked one of the attackers' servers and, just before losing access, managed to identify how the malware could generate login credentials by collecting system and network information on the server, which in turn promoted further infection and intrusion on the host system.


