2010-01-15

Security Lab identify Chinese gov as GMail attackers

I made a post a couple of days ago about Google reporting an attack on their GMail service in China in order to identify opponents to the government and also that they have decided to run uncensored search results or leave the country.

Well, it appears that the attackers were nobody else than the Chinese Government:
VeriSign's iDefense security lab has published a report with technical details about the recent cyberattack that hit Google and over 30 other companies. The iDefense researchers traced the attack back to its origin and also identified the command-and-control servers that were used to manage the malware.
[...]
Citing sources in the defense contracting and intelligence consulting community, the iDefense report unambiguously declares that the Chinese government was, in fact, behind the effort. The report also says that the malicious code was deployed in PDF files that were crafted to exploit a vulnerability in Adobe's software.
[...]
Adobe disputes iDefense's claim that PDFs were used to deploy the malware. In a statement issued today, Adobe says that they have found no evidence that their technology was used as an attack vector in this recent incident. This is supported by independent research conducted by security firm McAfee, which has found evidence that a vulnerability in Internet Explorer—but not Acrobat Reader—was exploited in the attack.

No comments: