
Japan VS China Jinan Cyber War Attacks

Seculert malware research professionals have recently uncovered Chinese malware directed at the Japanese government, specifically a spear-phishing threat, originating from the same geographical location from which the recent Google attacks were deployed. This highly targeted malware was definitely from China. It was back-traced to the region that is also believed to be the origin of the Project Aurora assault. The modus operandi is the same (a spear-phishing campaign using infected PDFs), so it is not a stretch of the imagination to believe that Project Aurora and these attacks on Japanese government websites are the work of the same person or the same hacker group.

According to Seculert CTO Aviv Raff, aside from having the same MO, the PDF-based spear-phishing attack was also found to report back to a Chinese IP address at the same site as the aforementioned Project Aurora attacks. Raff suspects it is just the initial part of a major hack attack. At first, a Korean location was believed to be the origin of the malware, because some of the samples that communicated with Japanese government websites were reporting back to Korea. Nevertheless, the malware sample also contacted the IP address 123.234.29.35, which originates from Jinan, the capital of Shandong Province in China.
 
This is a huge break in this cybercrime case because an irrefutable connection has finally been established between one long-running cyber attack and another. Only after the malicious software connected to the new server would it try to acquire a new payload, which suggests that the Chinese IP truly is the location where the mastermind of this cyber attack is hiding. Raff also claims that the exploit took advantage of the recently patched Java vulnerability previously reported in the article "Purloined Certificate Included Malicious Java Software". It also arrived via the classic hacker "email attachment" method of delivery.

Jinan is believed to be Vice City Central when it comes to Chinese cybercrime, particularly when it comes to spear-phishing attacks. Then again, Jinan (the place) shouldn't be held responsible for the cybercrimes committed by those headquartered in the Shandong Province capital. The ones who should be blamed are the gang of mischievous pranksters out to hack China's most traditional enemies, the United States and Japan. The region's hackers even had the gumption and moxie to target Google and other e-businesses in order to complete their mysterious Project Aurora scheme. Google was so affected by the cyber attacks from these online outlaws and virtual villains that it had to relocate to Hong Kong altogether and pulled out from its headquarters in China.
