Afghan Government Websites Likely Target of Chinese Hackers, says ThreatConnect

ThreatConnect the security company recently released one fresh report according to which, people visiting a number of websites belonging to Afghan government are likely to get their computers contaminated as a result of malware served from those sites, which hackers, understandably linked to China, hijacked via CDN (content delivery network), so published securityweek.com dated December 23, 2014.

Many-a-times suspicion arose against Chinese cyber-attackers as impairing PC-networks of reputed companies within USA. But as per ThreatConnect's report, cyber-criminal gangs operating from China seem as attacking other countries too.

The TCIRT (ThreatConnect Intelligence Research Team) found in the latest malicious attack that hackers hijacked one JavaScript file let to remain on cdn.afghanistan.af, the website that the Communications and IT Ministry of Afghan government used for hosting material already exhibited on many sites having .gov.af domain-names.

Doubt has been cast on China for its apparent involvement in the attack, currently given the name "Operation Poisoned Helmand," because of dual key reasons.

First, the attack took place during one bilateral meeting of significant nature which related to developments between Abdullah Abdullah, CEO from Afghanistan and Li Keqiang, PM of China. Indeed, the attackers modified the two dignitaries' image that they utilized for propagating the malware within simply a few hours of its possible shooting, TCIRT asserted.

One likewise trick was played some months ago during June 2014 at the time Li met Antonis Samaras Prime Minister of Greece inside Athens while security researchers discovered one malevolent Java file let to remain on the site belonging to Greek Embassy within Beijing.

Secondly according to the assertion by TCIRT, the Java file discovered within the assault in discussion used a source code that was also of another Java applet that the Team detected on a URL linked to Operation Poisoned Hurricane assaults that too were thought as associated with China, previously.

It's hoped in China that the country would more actively get involved in Afghanistan like USA, while NATO countries gradually relax their military maneuvers there.

Notably, the malware found compromising the sites of Afghanistan government happened after one cyber-assault that lately got waged against Sony Pictures Entertainment PCs in USA.

» SPAMfighter News - 1/1/2015