A prominent computer security firm warned that the Dalai Lama’s Chinese-language Web site has been hacked and is infecting visitors’ computers with viruses in what may to be an effort to spy on human rights activists who frequently visit the site.
Kaspersky Lab researcher Kurt Baumgartner told reporters on Monday he is advising Web surfers to stay away from the Chinese-language Web site of the Central Tibetan Administration (CTA) until the organization fixes the bug.
Technical evidence suggests the group behind the campaign was also responsible for previous breaches on that site, as well as attacks on groups that focus on human rights in Asia, Baumgartner said.
Those breaches involved a two-stage attack technique known as “water holing,” where hackers first infect a site that is frequently visited by people whose computers they want to control.
That compromised site seeks to infect the PCs of all visitors, downloading malicious software that the hackers can use to take control of their computers.
Officials with the Office of Tibet in New York could not be reached for comment. That office is the official representative to the US for the Dalai Lama, Tibet’s 78-year-old exiled spiritual leader, who fled China to India in 1959 after an abortive uprising against Chinese rule.
Beijing considers the globe-trotting monk and author a violent separatist and Chinese state media routinely vilify him. The Dalai Lama, who is based in India, says he is merely seeking greater autonomy for his Himalayan homeland.
Baumgartner said the Chinese-language site of the CTA, which is the official organ of the Dali Lama’s government-in-exile, has been under constant attack from the same group of hackers since 2011, though breaches have been quietly identified and repaired before garnering significant attention.
“They have been trying repeatedly to find vulnerabilities in the site,” he said, adding that it is safe to visit the group’s English and Tibetan sites.
He said he believes the same group of attackers has repeatedly infected the site with malicious software that automatically drops viruses on computers running Microsoft Corp’s Windows and Apple Inc’s Mac operating systems.