Internet security researchers warned on Tuesday that foreign policy and human rights Web sites are being booby-trapped by hackers in what appears to be cyberespionage.
As of Monday Web sites for Amnesty International Hong Kong, the Cambodian Ministry of Foreign Affairs and the US Center for Defense Information (CDI) remained rigged to slip “hostile” code onto visitors’ computers, according to the Shadowserver Foundation, which is devoted to tracking and reporting Internet threats.
“These attackers are not spreading malware through strategically compromised Web sites to make friends,” Shadowserver researchers Steven Adair and Ned Moran warned in a blog post. “They are aiming to expand their access and steal data.”
Data typically sought included messages, intellectual property, research, and business intelligence such as contracts and negotiations, according to security specialists.
“The CDI Web site is currently serving up a malicious Flash exploit that ties back to attackers known to engage in cyberespionage,” the researchers said. “This threat group appears to be interested in targets with a tie to foreign policy and defense activities.”
In recent weeks, Shadowserver has seen an array of “strategic Web compromises” taking advantage of flaws in Oracle Java and Adobe Flash programs.
The tactic is referred to as a “drive-by” attack by computer security specialists because people’s computers are secretly infected simply by visiting a reputable Web site unaware that it has been booby-trapped by hackers.
A Web site for the International Institute of Counter-Terrorism at the Interdisciplinary Center in Herzliya, Israel, was listed among those compromised by hackers.
Shadowserver said that it began looking into the hacks after researchers at Websense reported last week that the main page of Amnesty International United Kingdom had been rigged with drive-by malware.
There are indications that a Web site for the American Research Center in Egypt was briefly compromised last week in a manner similar to the CDI page hack, according to Shadowserver.
Earlier this month the Center for European Policy Studies Web site at ceps.eu was similarly compromised, according to the volunteer-based Internet security group.
Shadowserver referred to the hacks as “advance persistent threats,” a term used in the industry to refer to cyberespionage by groups such as governments.
“Many of these attackers are quite skilled at moving laterally within an organization and will take advantage of any entry point they have into a network,” the researchers said. “Cyberespionage attacks are not a fabricated issue and are not going away any time soon.”
When a hiker fell from a 55m waterfall in wild New Zealand bush, rescuers were forced to evacuate the badly hurt woman without her dog, which could not be found. After strangers raised thousands of dollars for a search, border collie Molly was flown to safety by a helicopter pilot who was determined to reunite the pet and the owner. A week earlier, an emergency rescue helicopter found the woman with bruises and lacerations after a fall at a rocky spot at the waterfall on the South Island’s West Coast. She was airlifted on March 24, but they were forced to
CONFIDENCE BOOSTER: ’After parkour ... you dare to do a lot of things that you think only young people can do,’ a 67-year-old parkour enthusiast said In a corner of suburban Singapore, Betty Boon vaults a guardrail, crawls underneath a slide, executes forward shoulder rolls and scales a steep slope, finishing the course to applause. “Good job,” the 69-year-old’s coach cheers. This is “geriatric parkour,” where about 20 retirees learned to tackle a series of relatively demanding exercises, building their agility and enjoying a sense of camaraderie. Boon, an upbeat grandmother, said learning parkour has aided her confidence and independence as she ages. “When you’re weak, you will be dependent on someone,” she said after sweating it out with her parkour classmates in suburban Toa Payoh,
HIGH HOPES: The power source is expected to have a future, as it is not dependent on the weather or light, and could be useful for places with large desalination facilities A Japanese water plant is harnessing the natural process of osmosis to generate renewable energy that could one day become a common power source. The possibility of generating power from osmosis — when water molecules pass from a less salty solution to a more salty one — has long been known. However, actually generating energy from that has proved more complicated, in part due the difficulty of designing the membrane through which the molecules pass. Engineers in Fukuoka, Japan, and their private partners think they might have cracked it, and have opened what is only the world’s second osmotic power plant. It generates
Chinese dissident artist Gao Zhen (高兟), famous for making provocative satirical sculptures of former Chinese leader Mao Zedong (毛澤東), was tried on Monday over accusations of “defaming national heroes and martyrs,” his wife and a rights group said. Gao, 69, who was detained in 2024 during a visit from the US, faces a maximum three-year prison sentence, said his wife, Zhao Yaliang (趙雅良), and Shane Yi, a researcher at the Chinese Human Rights Defenders group which operates outside the nation. The closed-door, one-day trial took place at Sanhe City People’s Court in Hebei Province neighboring the capital, Beijing, and ended without a
RSS