Chinese-speaking individuals visiting the website for the Central Tibetan Administration are being targeted with a Java exploit that installs advanced malware on their machines.
According to researchers at security firm Kaspersky Lab, the official site for the Tibetan government-in-exile, led by the Dalai Lama, was seeded with a backdoor that takes advantage of a vulnerability in Java, CVE-2012-4681, which was fixed by Oracle roughly a year ago.
The incident bears the signature of a watering hole attack, in which espionage malware is planted on a legitimate site, and then the attackers wait for their desired victims to visit and take the bait. (more)
Wednesday, 14 August 2013
Spy Malware Buried on Official Tibetan Website
Posted on 15:23 by Unknown
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment