Status of Chinese People

About China and Chinese people's living condition

  • China Organ Harvesting Report, in 19 languages

  • Torture methods used by China police

  • Censorship

  • Massive protests & riots in China

  • Top 9 Posts (In 48 hours)

  • All Topics

  • Books to Read

    1. A China More Just, Gao Zhisheng
    2.Officially Sanctioned Crime in China, He Qinglian
    3.
    Will the Boat Sink the Water? Chen Guidi, Wu Chuntao
    4.
    Losing the New China, Ethan Gutmann
    5.
    Nine Commentaries on The Communist Party, the Epochtimes
  • Did you know

    Reporters Without Borders said in it’s 2005 special report titled “Xinhua: the world’s biggest propaganda agency”, that “Xinhua remains the voice of the sole party”, “particularly during the SARS epidemic, Xinhua has for last few months been putting out news reports embarrassing to the government, but they are designed to fool the international community, since they are not published in Chinese.”
  • RSS Feeds for Category

    Organ Harvesting

    Human Rights

    Made in China

    Food

    Health

    Environment

    Protest

    Law

    Politics

    Feed address for any specific category is Category address followed by 'Feed/'.

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 223 other followers

China Hackers Target Remote Conferencing Devices: Dell Researchers

Posted by Author on July 31, 2013

(Reuters) – A Chinese hacking group tied to the breach of security company RSA two years ago has targeted a maker of audio-visual conference equipment in a likely attempt to tap into boardroom and other high-level remote meetings.
Security researchers at Dell Inc’s SecureWorks unit were able to monitor the computers used by the group to process communications from machines infected with stealthy software for stealing data, according to a paper they are releasing today.

Although the researchers could not tell what information was being extracted, they were able to discover many of the companies and offices unknowingly transmitting information. The compromised computers were in five different offices of a global maker of conferencing equipment, said SecureWorks researchers Joe Stewart and Don Jackson.

“I think they were looking for the source code,” Stewart told Reuters, because that would help them find flaws they could use to eavesdrop in further attacks.

“If your final target is this vendor’s customers of the conferencing product, you would want to be able to connect on their premises.”

Stewart declined to identify the manufacturer, but he has notified both the company and law enforcement. Researchers had previously found security flaws in high-end conferencing gear and the new findings suggest they are a prime target.

As a hacking strategy, such a multi-step effort would track with other major attacks, including the one on RSA, a unit of EMC Corp.

In that case, the hackers took information that helped them duplicate the rapidly changing passwords on SecurID tokens used by defense contractors and others to authenticate users when they log in remotely. The contractors were the real targets in that case, researcher said.

Stewart attributed the new round of attacks to a prolific group based in Beijing that he and others have studied for years. Stewart’s paper with Jackson tracks only one of the three dozen sophisticated malicious software programs that group favors.

That one family of code has hundreds of variants and has been used in at least 64 campaigns, including the penetration of the audio-visual equipment company, Stewart said. The same program has been used against government offices and 10 industries, including mining, media and communications.

Of the infections the researchers were able to identify, the greatest number were in Japan, followed by India, South Korea, Taiwan and the United States.

Stewart said the Beijing group is probably as big as the Shanghai-based crew that drew wide attention in February after security firm Mandiant said it was a specific unit within China’s People’s Liberation Army. China disputed the report and said it does not hack Western companies.

Although characteristics of both the Beijing and Shanghai groups sometimes show up inside the same compromised company, the Beijing group tends to focus more on activists, including those involved with Tibetan issues, Stewart said.

He has cataloged about 275 families of malicious software to date.

Source: reuters.com

Sorry, the comment form is closed at this time.