Sunday, August 22, 2010

Human Rights and Malware Attacks

Via Infowar Monitor (Aug 19, 2010) -

On March 18, 2010, unknown attackers sent a spear phishing email that appeared to be from Sharon Hom, the Executive Director of Human Rights in China (HRIC), to a variety of organizations and individuals. Leveraging the trust and recognition of HRIC, the attackers’ email encouraged recipients to visit a compromised website that contained malicious code designed to allow the attackers to ultimately take full control of the visitor’s computer. These targeted malware attacks are now becoming commonplace, further extending the threat faced by civil society organizations.


The subject of the email was “Microsoft, Stool Pigeon for the Cops and FBI” and the email contained a JPG attachment. However, the attackers’ objective was for the targets to visit the link contained in the email. The link,, redirected to which was compromised by the attackers and in which they had inserted code that caused visitors to the website to open a malicious PDF from This PDF exploited Adobe Reader and compromised the visitors computer. Compromised computers then connected to a website under the attackers’ control,, and downloaded additional malware before ultimately connecting to a command and control server, 360liveupdate. com, in China.

No comments:

Post a Comment