Categories: SecurityWorkspace

Tibetans Targeted As Dalai Lama Site Hacked To Serve Malware

The Central Tibetan Administration website has been hacked to serve up a Java exploit that drops advanced malware, marking the latest attempt to compromise people hoping for freedom from Chinese control in the province.

The site is one of the Dalai Lama’s official sites. Those who visited xizang-zhiye(dot)org were redirected, via an embedded iframe, to an exploit that leads to the download of the Swisyn Trojan, Kaspersky said.

Tibetans attacked

“At this point in time, it seems that the few systems attacked with this code are located in China and the US, although there could be more,” said Kurt Baumgartner, Kaspersky Lab expert, said in a blog post.

“Backdoors detected with the Swisyn verdict are frequently a part of APT [advanced persistent threat] related toolchains, and this one most certainly is.”

The attacker has been targeting Tibetans since at least 2011, Baumgartner said, often using watering hole attacks, where sites the hacker believes his targets will visit are compromised to serve malware.

Apple machines have also been targeted, whilst spear phishing has also been in use.

Tibetans see plenty of attempts to breach their systems every day, with spear phishing a constant threat. China is often suspected of sponsoring the attacks, just as it was when Android malware appeared in April, posing as a legitimate communications app called Kakao Talk.

China is also suspected of attacks on other activists it considers a threat. Last month, TechWeekEurope revealed attempts on Falun Gong activists with zero-day malware.

China has consistently denied it sponsors any kind of hacking.

What do you know about Internet security? Find out with our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

Amazon Workers Go On Strike Across US

Amazon staff in seven cities across US go on strike after company fails to negotiate,…

11 mins ago

Senators Ask Biden To Extend TikTok Ban Deadline

Two US senators ask president Joe Biden to delay TikTok ban by 90 days after…

40 mins ago

Journalism Group Calls On Apple To Remove AI Feature

Reporters Without Borders calls on Apple to remove AI notification summaries feature after it generates…

1 hour ago

North Koreans Stole $1.34bn In Crypto This Year

North Korea-liked hackers have stolen a record $1.34bn in cryptocurrency so far this year, as…

2 hours ago

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

3 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

3 days ago