Watering hole attack targets Chinese dissidents

By
Follow google news

Internet Explorer hole used to spy on activists.

Chinese news sites have been infected in a bid to compromise dissidents in the country, according to security firm FireEye.

Watering hole attack targets Chinese dissidents

The so-called watering hole attack infected news sites popular with targets. When dissidents vist the site, they would be infected with malware. 

The attack used an Internet Explorer 8 vulnerability patched this month, researchers Thoufique Haq and Yasir Khalid said, adding the bug would likely be rolled into other exploits.

"This is clearly a targeted attack on a very narrow portion of the Chinese populous," they said.

"However, since cyber attackers are quick copycats, we expect this exploit to be replicated quickly."

They said the attack resembled a watering hole attack launched late last year against the website for the policy think tank Council on Foreign Relations, the influential membership group that helps shape USforeign policy.

In December, the site was hijacked with malicious JavaScript to serve an Adobe Flash exploit, which in turn triggered a heap-spray attack, according to researchers at security firm FireEye.

The malware was delivered to users whose operating system language was set to English, Chinese, Japanese, Korean or Russian.

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
chinesesecuritywatering hole

Sponsored Whitepapers

Fintech compliance made fast and secure
Fintech compliance made fast and secure
How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide
How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide
2025 Security operations insights: Three-quarters of security leaders need something new in SIEM
2025 Security operations insights: Three-quarters of security leaders need something new in SIEM
Sumo Logic named in the 2025 Gartner Critical Capabilities for Security Information and Event Management (SIEM)
Sumo Logic named in the 2025 Gartner Critical Capabilities for Security Information and Event Management (SIEM)
The cloud tipping point
The cloud tipping point

Events

Most Read Articles

Microsoft releases fix for flawed January security update

Microsoft releases fix for flawed January security update
Starlink faces high-profile security test in Iran crackdown

Starlink faces high-profile security test in Iran crackdown
Microsoft patches single-click Copilot data stealing attack

Microsoft patches single-click Copilot data stealing attack
Vic Education database breached via school's network

Vic Education database breached via school's network
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio

Log In

  |  Forgot your password?