Forum latest

Mysterious Forces Hack Pro-Tibet, Save Darfur, Falun Gong Sites
Written by Daniel   
Wednesday, 26 March 2008 12:14

Who could be behind the wave of online attacks that have the internet community seeing red?

 Jason Mick (Blog) - March 26, 2008 10:15 AM

A series of online strikes has been carried out in the last few months on several high profile international targets. Among those targets are the Falun Gong and pro-Tibetan liberation organizations. Also targeted is the Save Dafur campaign.

As Sherlocke Holmes might say, "The game is afoot!"

The Internet Storm Center, an news organization focusing on online threats, announced this week, "On Friday we reported on targeted attacks against various pro-Tibet non-governmental organizations (NGO) and communities, as well as Falun Gong and the Uyghurs."

One technique that is being used to attack these organizations is a fake memo with a malicious attachment. This memo claims to have a human rights report about Tibet attached. Analysts state that the memo uses several key social engineering tricks to lull the readers into a false sense of security. Among these are the use of pertinent language in the memo and official looking numbers and titles.

Even trickier, the attachment is actually two files -- a legitimate flier for a real life book on the state of Tibet and a separate malicious trojan binary.

Eight types of trojans have been employed by the attackers, including the well known Enfal, Riler and Protux attacks. While some machines are merely crippled, others are maintained and controlled through remote access using the Gh0st RAT tool. The majority of control servers were identified to be on Chinese netblocks. However some originated from the U.S., South Korea and Taiwan.

Tibet has been under Chinese rule since military occupation in 1951. The Falun Gong claims its a spiritual organization focusing on meditation, boasting as many as 70 million members in China. The organization has been labelled as a cult by China. China regularly breaks up its public practices and jails its leaders.

The Save Darfur group has been under heavy attack from hackers. The FBI is currently investigating these attacks, which they say may have a possible Chinese connection. The Save Darfur campaign is a rather altruistic-spirited, nonprofit group whose well-intentioned goal is to bring attention to the ongoing genocide in western Darfur region of Sudan.

Allyn Brooks-LaSure, a spokesman with the group, says the group contacted the FBI after someone last week gained unauthorized access to its email and web servers. While Brooks-LaSure is certain the identity of the attackers, he did note that the IP addresses of the hackers were located in China. He states, "Someone in Beijing is trying to send us a message."
[DailyTech...]  [Comments...]

See also

None found.

Hardware | Windows | Linux | Security | Mobile Devices | Gaming
Tech Business | Editorial | General News | folding@home

Forum | Download Files

Copyright ©2001 - 2012, AOA Forums.  All rights reserved.

Alliance of Overclocking Arts

Links monetized by VigLink

Don't Click Here Don't Click Here Either