Chinese Spy Team Hacks Forbes.com: Security Firms

San Francisco – US cyber security firms on Tuesday said that a Chinese espionage team hacked Forbes magazine to hunt defense contractors, financial firms, and other unsuspecting prey visiting the popular news website.

Invincea and iSIGHT Partners detailed what they described as a “watering hole” campaign late last year that took advantage of Forbes.com and other legitimate websites.

“A Chinese advanced persistent threat compromised Forbes.com to set up a watering hole style web-based drive-by attack against US defense and financial services firms in late November 2014,” Invincea said in a report posted at its website.

The “brazen attack” took advantage of Adobe Flash and Internet Explorer vulnerabilities which have since been patched, according to Invincea.

Watering hole attacks typically involve hackers breaking into websites popular with their desired targets and then booby-trapping those sites with viruses to infect visitors.

The cyber espionage campaign focused on Forbes.com appeared to last only a few days, but the security firms said deeper investigation could determine it went on for a longer period of time.

iSIGHT believed that the culprits behind the attack were Chinese cyber espionage agents it called Codoso Team, a group also referred to as Sunshop Group.

The group has been linked to previous cyber spying campaigns against the US government, military, defense industry, think tanks covering foreign affairs, financial services, energy firms, and political dissidents, according to security researchers.

Rather than spreading malicious code to the machines of the millions of people who visited Forbes.com, the hackers appeared to be after select targets such as defense and financial services firms, according to iSIGHT.

Further investigation reportedly revealed a set of websites being used by Codoso to target dissident groups.

Given that Forbes.com is ranked the 61st most popular website in the United States and the 168th most popular in the world, the reach of the espionage campaign could be vast, security researchers said.

Written By

AFP 2023
