Cyber threat: Chinese hackers spreading virus through high court replica websites in India?
New Delhi: Chinese hackers may be using websites similar to those of 19 high courts in the country to spread computer virus which can convert the user's system into a virtual zombie, a security expert has claimed before the CBI.
Commander (Retd.) Mukesh Saini, former naval officer who is a cyber security consultant, brought the nefarious designs of these alleged hackers to the notice of Cybercrime wing of the CBI recently, which is looking into it.
In his report, Saini highlighted the modus operandi of these websites which have addresses similar to the original ones - for example Delhi High Court address is 'http://delhihighcourt.nic.in' while the phishing website address is 'http://delhi.highcourt.in'.
"When we analysed the website script, we found that the server had a '.cn' location. Also we found that script used in the website was a declared malware program. These sites are dangerous because even if a user accidentally accesses them, the malware spreads in his or her system.
"The program is designed in such a way that user's system functions normally but hackers can use it to extract any information without the user knowing it," he claimed.
Such websites came to the notice of Saini, founder of cyber security firm 'Xcyss', when he was following a news report on an employment scam running through the fake website of Patna High Court. Further analysis revealed that there were identical websites of 19 high courts in the country.
The design of these replica websites was curious because it did not seek any information, such as financial details from the visitor, which prevents them of being suspicious.
When a detailed analysis of its program was done, it revealed that the purpose was allegedly to infect all the visitors of these sites and take remote control of the visitors of High Court websites which may include legal departments of government, advocates and litigants.
"It was an attempt to infect all the visitors of these sites and take remote control of the visitors of High Court websites, including police, CBI, legal departments of government, advocates and litigants," Saini said.
He claimed that these sites were operating since 2006 and as per the records gathered by his firm, these sites were infecting Indian computers since January 2009.
"Hence, we thought it right to inform the authority concerned and seeing the transnational impact of this, I gave a report to the CBI which is examining it and would take action suitable under the law," he said.
'China behind biggest ever cyber attack on India, US'
Boston: In the biggest ever series of cyber attacks uncovered to date, hackers were found to have broken into networks of the Indian government, United Nations and US defence companies, with security experts pointing to China as the culprit.
Targets for the intrusions in a five-year campaign covered 72 major organisations around the world, including the governments of India, US, South Korea, Vietnam, ASEAN, IOC and the world anti-doping agency, The Washington Post reported, quoting a McAfee report.
The networks breached included UN secretariat in Geneva, a US Energy Department lab and 12 major US defence firms engaged in top secret futuristic weapons system, the report said.
"The cyber snooping appears to have been going on for several years," the report said, tracing the hacking to at least one "state actor" behind the attack, but declined to name it, though the security experts said the evidence pointed to China.
"We were taken aback by the audacity of the perpetrators," McAfee vice president Dmitri Alperovitch said in a 14-page sensational report released on Wednesday.
"What is happening to all this data...is still largely an open question. However, if even a fraction of it is used to build better competing products or beat competitors at key negotiations, the loss will represent a massive economic threat," he said.
Alperovitch said McAfee had notified all the 72 victims of the cyber attacks, now under investigations by law enforcement agencies around the world.
He declined to give the names of the departments of the governments hacked or details of the companies infiltrated.
"This is the biggest transfer of intellectual property in history and the scale at which this is occurring is really frightening," the McAfee official said.
McAfee said that it had come across the extent of hacking in May and had dubbed the uncovering of the plot as 'Operation Shady RAT'.
The company said its researchers discovered logs of the attack while reviewing the contents of a "command and control server" as part of its investigations into security breaches of defence companies.
Intruders, according to McAfee report, sought data on US military system and satellite communication, among other prizes.
Targets for the intrusions in a five-year campaign covered 72 major organisations around the world, including the governments of India, US, South Korea, Vietnam, ASEAN, IOC and the world anti-doping agency, The Washington Post reported, quoting a McAfee report.
The networks breached included UN secretariat in Geneva, a US Energy Department lab and 12 major US defence firms engaged in top secret futuristic weapons system, the report said.
"The cyber snooping appears to have been going on for several years," the report said, tracing the hacking to at least one "state actor" behind the attack, but declined to name it, though the security experts said the evidence pointed to China.
"We were taken aback by the audacity of the perpetrators," McAfee vice president Dmitri Alperovitch said in a 14-page sensational report released on Wednesday.
"What is happening to all this data...is still largely an open question. However, if even a fraction of it is used to build better competing products or beat competitors at key negotiations, the loss will represent a massive economic threat," he said.
Alperovitch said McAfee had notified all the 72 victims of the cyber attacks, now under investigations by law enforcement agencies around the world.
He declined to give the names of the departments of the governments hacked or details of the companies infiltrated.
"This is the biggest transfer of intellectual property in history and the scale at which this is occurring is really frightening," the McAfee official said.
McAfee said that it had come across the extent of hacking in May and had dubbed the uncovering of the plot as 'Operation Shady RAT'.
The company said its researchers discovered logs of the attack while reviewing the contents of a "command and control server" as part of its investigations into security breaches of defence companies.
Intruders, according to McAfee report, sought data on US military system and satellite communication, among other prizes.
CIA chief warns cyber attack will be next 'Pearl Harbour', hackers target US Senate
A group of hackers have have claimed breaking-in into US Senate’s computers.
According to Daily Mail, the group which goes by the name Lulz Security is behind the attack. It has previously hacked into the US Public Broadcasting System and Sony’s website,
'They're all valid directories,' John Bumgarner, of the U.S. Cyber Consequences Unit, said after looking at data posted online. 'They probably also got user names and passwords,' he added.
The Lulz group posted the data it acquired after hitting US Public Broadcasting Service network websites online.
The International Monetary Fund had also become a target of cyber attacks. Experts described the attack as ‘large and sophisticated’ and said that it was ‘a very major breach’.
Recently CIA director Leon Panetta had warned that a large-scale cyber attack that could take down power, finance, security and governmental systems is a ‘real possibility’. He reportedly told Congress in a confirmation hearing that the US could face cyber warfare.
The next Pearl Harbor we confront could very well be a cyber attack that cripples our power systems,’ Panetta said. ‘We have to aggressively be able to counter that. It is going to take both defensive measures as well as aggressive measures to deal with it,’ he added.
According to Daily Mail, the group which goes by the name Lulz Security is behind the attack. It has previously hacked into the US Public Broadcasting System and Sony’s website,
'They're all valid directories,' John Bumgarner, of the U.S. Cyber Consequences Unit, said after looking at data posted online. 'They probably also got user names and passwords,' he added.
The Lulz group posted the data it acquired after hitting US Public Broadcasting Service network websites online.
The International Monetary Fund had also become a target of cyber attacks. Experts described the attack as ‘large and sophisticated’ and said that it was ‘a very major breach’.
Recently CIA director Leon Panetta had warned that a large-scale cyber attack that could take down power, finance, security and governmental systems is a ‘real possibility’. He reportedly told Congress in a confirmation hearing that the US could face cyber warfare.
The next Pearl Harbor we confront could very well be a cyber attack that cripples our power systems,’ Panetta said. ‘We have to aggressively be able to counter that. It is going to take both defensive measures as well as aggressive measures to deal with it,’ he added.
No comments :
Post a Comment