TechTarget

Chinese hackers attack Dalai Lama and India High Commission

Security researchers have discovered a complex ecosystem of cyber espionage which they claim systematically compromised computer networks in India, the Offices of the Dalai Lama, the United Nations and several other countries.

A report - "Shadows in the Cloud: An Investigation into Cyber Espionage 2.0" - published by security research firms Information Warfare Monitor and Shadowserver Foundation has documented evidence of a cyber espionage network that compromised government, business, academic and other computer systems.

The researchers were able to obtain data from 44 compromised computer systems, finding:

  • A web-based interface that lists cursory information on compromised computers located on one command and control server;
  • Text files in web-accessible directories on three command and control servers that list detailed information on compromised computers;
  • Information obtained from e-mail accounts used for command and control of compromised computers;
  • Information obtained from one command and control server from which exfiltrated documents (but not necessarily technical identifying information) were retrieved;
  • Information obtained from a DNS sinkhole.

The researchers said the hackers, believed to be two people living in Chengdu, have links to the Chinese hacking community. They appear to use social networking sites including Twitter, Google Groups, Blogspot, Baidu Blogs, blog.com and Yahoo! to build a command-and-control infrastructure, designed to maintain persistence.

The researchers found evidence that confidential, encrypted documents were stolen from the Indian government. One of the compromised systems was the High Commission of India's UK office.
