The Criminal Investigation Bureau has admitted that it handed out 54 malware-infested thumb drives to the public at a data security expo hosted by the Presidential Office from Dec. 11 to Dec. 15 last year.
The malware-infected USB sticks were among 250 drives that the bureau gave to the winners of a game about cybersecurity knowledge.
The malware program with the file name XtbSeDuA.exe was designed to collect personal data and transmit it to a Poland-based IP address that then bounces the information to unidentified servers, the bureau said, adding that it was known to have been used by an electronic fraud ring uncovered by Europol in 2015.
Only older, 32-bit computers are susceptible to the malware and common anti-virus software can successfully detect and quarantine it, the bureau said.
The 8-gigabyte thumb drives were purchased from contractors and some of them were made in China, but the bureau has ruled out Chinese espionage, it said, adding that the infection originated from an infected work station at New Taipei City-based contractor Shawo Hwa Industries Co (少華企業).
An employee at the company used the affected computer to transfer an operating system to the drives and test their storage capacity, transmitting the malware to 54 units, the bureau said.
Random sampling of the thumb drives, which were sourced from various contractors, failed to discover the malware, it added.
Distribution was halted in the afternoon of Dec. 12, after members of the public complained that drives had been flagged by their anti-virus programs, it said, adding that 20 drives have been recovered while 34 “remain in the wild.”
The server receiving the data from the malware was shut down after the bureau took measures to address the issue, it said.
National Police Agency Director-General Chen Chia-chin (陳家欽) and National Security Council cybersecurity adviser Lee Der-tsai (李德財) were briefed on the incident, an anonymous source said.
National security officials are unhappy that a Presidential Office event was compromised and concerned that the event might have been deliberately targeted by a hacker group, the source said, adding that they have demanded the bureau launch another probe.
The bureau has apologized to the Presidential Office and other government agencies that participated in the expo, the source said.
921 EARTHQUAKE: The magnitude 7.3 quake left 2,456 people dead and 10,718 injured, while 53,661 houses were fully destroyed and 53,024 houses damaged The Central Weather Bureau yesterday received about 50,000 views on Facebook after it posted the data that it collected on Sept. 21, 1999, when the nation was devastated by a magnitude 7.3 earthquake. The data showed that the 921 Earthquake hit the nation at 1:47am, with the epicenter being 7km southwest of the bureau’s quake detection center in Nantou County’s Yuchi Township (魚池) at a depth of 8km. The quake left 2,456 people dead and 10,718 injured, while 53,661 houses were fully destroyed and 53,024 houses damaged, with the cost of the damage estimated at NT$300 billion (US$10.8 billion at the current
British newspaper The Mail on Sunday reported that Prince Charles met with Bruno Wang (汪家興), a Taiwanese fugitive who describes himself as a Chinese philanthropist and donated ￡500,000 (US$683,522) to the prince’s charity, the Prince’s Foundation. The newspaper reported that Wang is wanted in Taiwan on charges related to money laundering and being a fugitive from justice, allegations he denies, and drew comparisons between Wang and the Russian banker Dmitry Leus. Investigation and cooperation with foreign authorities have found that Bruno Wang’s father, Andrew Wang (汪傳浦), had stashed proceeds from a scandal involving the procurement of Lafayette frigates in 61 bank accounts,
AT ODDS: The KMT called on the government to seek bilateral dialogue with Beijing to resolve the issue that led to the ban on custard apple and wax apple imports Democratic Progressive Party (DPP) officials and lawmakers yesterday condemned China’s sudden ban on imports of custard apples and wax apples from Taiwan as “obvious political retaliation,” while the opposition called for a scientific investigation into Beijing’s claim to have found pests in imports of the fruits. China earlier yesterday announced a ban on the importation of the two fruits from today, citing repeated discoveries of Planococcus minor, a type of mealybug. The announcement follows a similar ban on Taiwanese pineapples imposed in February. At least Beijing gave a few days’ notice when it banned pineapple imports, an unnamed government official said yesterday. This time
BY OTHER MEANS: China could see CPTPP membership as a means of circumventing trade restrictions imposed by the US, amid an ongoing trade dispute between them The US could invoke a clause in its trade agreement with Canada and Mexico to block China’s application to join the Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP), a government official said yesterday. Under Article 32.10 of the Exceptions and General Provisions of the United States-Mexico-Canada Agreement (USMCA), if either Canada or Mexico enter a free-trade agreement with a nonmarket economy — such as China — the US could withdraw from the agreement. “If that clause applies to multilateral free-trade agreements such as the CPTPP — which Mexico and Canada are members of — that might be cause for the two