New Cyber Attack Launched against Dalai Lama’s “Central Tibetan Administration”

According to warning by security firm Kaspersky, a massive cyberattack has struck the website of Central Tibetan Administration (CTA) which is the official organ of 'His Holiness' Dalai lama's exiled government.

Notably, Dalai Lama, 78 year old exiled spiritual leader of Tibet, fled China and came to India in 1959 after an unsuccessful revolution against Chinese rule.

The attack is specially targeting Chinese speaking users with the code placed within an iframe which redirects users to another website. There the users are exposed to a malicious exploit that tries to hijack their computers using a Java flaw from 2012. The attack, however, does not target English speakers or Tibetan Internauts.

Securelist.com published a report on 12th August, 2013 quoting Kurt Baumgartner, a Lab Expert at Kaspersky, as saying that the attack is targeted precisely, as an attached, embedded iframe redirecting visitors of 'Xizang-zhiye(dot)org (the CN translated edition of the website) to a Java exploit which sustains a backdoor payload. The English as well as the Tibetan variants of the sites do not preserve this iframe when embedded on the Chinese version. At this point of time it looks that few machines targeted by this code are placed in China and US."

Businessspectator.com.au published a report quoting Baumgartner saying that the site of Central Tibetan Administration has been constantly attacked by one gang of hackers ever since 2011 although breaches have been recognized and mended before public attention could be garnered.

He also believes that the same set of hackers has repeatedly contaminated the website with malware which robotically drops computer viruses on machines which are running Windows, from Microsoft Corp's and Apple's Mac OS (Operating Systems).

Conclusively, the attack on the aforementioned Tibetan website, Central Tibetan Administration is the most recent in a sequence of such web attacks launched against Tibetan websites ever since 2011. In April 2013, cybercriminals employed embezzled digital certificates to mark malware which was being installed on the Tibetan Homes Foundation as a part of an additional major attack. And before that another attack which utilized a hijacked Twitter account to send maligned tweets to Tibetan activists was launched.

» SPAMfighter News - 8/21/2013