Chinese spy team hacks Forbes.com: security firms

Chinese spy team hacks Forbes.com: security firms

SAN FRANCISCO - US cyber security firms on Tuesday said that a Chinese espionage team hacked Forbes magazine to hunt defense contractors, financial firms, and other unsuspecting prey visiting the popular news website.

US cyber security firms say that a Chinese espionage team hacked Forbes magazine to hunt defense contractors, financial firms, and other unsuspecting prey visiting the popular news website

Invincea and iSight Partners detailed what they described as a "watering hole" campaign late last year that took advantage of Forbes.com and other legitimate websites.

"A Chinese advanced persistent threat compromised Forbes.com to set up a watering hole style web-based drive-by attack against US defense and financial services firms in late November 2014," Invincea said in a report posted at its website.

The "brazen attack" took advantage of Adobe Flash and Internet Explorer vulnerabilities which have since been patched, according to Invincea.

Watering hole attacks typically involve hackers breaking into websites popular with their desired targets and then booby-trapping venues with viruses to infect visitors.

The cyber espionage campaign focused on Forbes.com appeared to last only a few days, but the security firms said deeper investigation could determine it went on for a longer period of time.

ISight believed that the culprits behind the attack were Chinese cyber espionage agents it called Codoso Team but also referred to as Sunshop Group.

The group has been linked to previous cyber spying campaigns against US government; military; defense industrial; think tanks covering foreign affairs; financial services; energy firms, and political dissidents, according to security researchers.

Rather than spreading malicious code to the machines of the millions of people who visited Forbes.com, the hackers appeared to be after select targets such as defense and financial services firms, according to iSight.

Further investigation reportedly revealed a set of websites being used by Codoso to target dissident groups.

Given that Forbes.com is ranked the 61st most popular website in the United States and the 168th most popular in the world, the reach of the espionage campaign could be vast, security researchers said.

Do you like the content of this article?
COMMENT

Excise chief flip-flops as department rejects 50% tax cut

The Excise Department has turned down car makers' proposed 50% tax cut, fearing prices of all vehicles in the market will decline further if the reduction is implemented, the department's chief says.

12:00

China faces mounting criticism over Hong Kong security law

BEIJING: China faced growing international pressure on Friday over its move to impose a security law on Hong Kong that critics say will destroy the city's autonomy, with the United States and Britain placing the issue before the UN Security Council.

11:45

Pompeo says Trump to act against Chinese student spies

WASHINGTON: The United States will take action to prevent alleged espionage by Chinese students, Secretary of State Mike Pompeo said on Thursday, ahead of an expected announcement by President Donald Trump.

11:45