Information Security News mailing list archives

Chinese hackers reportedly took classified data on MH370 a day after it went missing


From: InfoSec News <alerts () infosecnews org>
Date: Thu, 21 Aug 2014 09:40:55 +0000 (UTC)

http://www.washingtonpost.com/blogs/the-switch/wp/2014/08/20/chinese-hackers-reportedly-took-classified-data-about-mh370-a-day-after-it-went-missing/

By Jiaxi Lu
The Washington Post
August 20, 2014

Five months after Malaysia Airlines flight 370 went missing, a report emerged on Wednesday saying that Chinese hackers have targeted Malaysian government departments involved in the search for the jet.

According to the Malaysian newspaper the Star, on March 9, a day after the flight disappeared from radar while en route from Kuala Lumpur to Beijing with 239 people on board, Malaysian officials received malware disguised as a news report claiming that MH370 had been found. The newspaper cited Amirudin Abdul Wahab, chief executive of CyberSecurity Malaysia, a government agency under the Science, Technology and Innovation Ministry.

The newspaper said that a user clicked on a PDF document attached to the e-mail and unknowingly released the malware to about 30 computers belonging to high-ranking officials at agencies involved with the MH370 investigation. CyberSecurity Malaysia received reports from the administrators saying their network was congested with e-mails going out of their servers. Targeted agencies included Malaysia's Civil Aviation Department, the National Security Council and Malaysia Airlines, most of them owned by the government, according to the Star.

"Those e-mails contained confidential data from the officials' computers, including the minutes of meetings and classified documents. Some of these were related to the MH370 investigation," Wahab said, according to the Star. "This was well-crafted malware that antivirus programs couldn't detect. It was a very sophisticated attack."

Wahab added that CyberSecurity Malaysia was able to block the transmissions of the data but that some information had already been sent from those hacked computers to an IP address that was tracked to China. Wahab said he suspects the motivation for the hacking was the MH370 investigation.

[...]
