TechTarget

Google China hack exploited flaws in Adobe Acrobat and Reader

The attempts to hack the Gmail accounts of human rights activists which sparked Google's threat to pull out of China, exploited flaws in Adobe Reader and Acrobat software.

The attempts to hack the Gmail accounts of human rights activists which sparked Google's threat to pull out of China, exploited flaws in Adobe Reader and Acrobat software.

The revelation by researchers at Verisign iDefence Security Intelligence Services came as Adobe released a critical security patch for both Reader and Acrobat.

Adobe has given no indication of whether the patch is related to the same flaws exploited in the recent attack against Google and more than 20 other large companies, including Adobe, in December.

The attacks were mainly on US technology, finance and defence industry firms with the aim of stealing intellectual property.

The Google attack was mainly aimed at getting information about human rights activists. It targeted an internal system the firm uses to comply with search warrants for data on Google users, said security firm Scansafe.

This industry targeting is not new, with malware attacks against 21 industry verticals recorded in 2008, Mary Landesman, senior security researcher at Scansafe said in a blog post.

Even mass-distributed malware becomes targeted once that malware gets into the corporate network, typically downloading a configuration file that specifies the information to be harvested from a particular organisation, she said.

Google is to hold talks with the Chinese authorities to see if the firm can continue providing search results in the country, but without censoring those results.

"We recognise that this may well mean having to shut down Google.cn, and potentially our offices in China," Google lawyer David Drummond said in a blog post.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close