Trojan horse
Researchers claim to have discovered a centralised group of Trojan activity based in China

China accused of Trojan onslaught

Trail leads back to China-based operations including a government website

Written by Matt Chapman

vnunet.com, 04 Dec 2007

China is to blame for a wave of Trojans infecting PCs around the world, according to a new study.

Web security firm Finjan claims to have uncovered groups distributing content using obfuscated code and a network of websites to bypass traditional security, including one site belonging to a Chinese government office.

Finjan's Malicious Code Research Center said that it discovered a centralised group of activity based in China after investigating a sophisticated attack that used zero-day exploits and other new hacking techniques.

The company's researchers found that some parts of the network led to Trojan sites that exploit browser vulnerabilities and install malware on the user's desktop.

"Once the user's PC has been infected the Trojan starts to send data to other websites in the network which are hard to detect," the report said.

"Additional sites in the network monitor and control the attack using statistics about how many users visit the site and how many got infected."

The Trojans also collect data from the user, including which operating system is used, the applications that are running, personal information such as user names and passwords, and the security products installed.

Finjan explained that the collected information is then fed into other sites which refine the attack.

The news comes as MI5 warned 300 UK chief executives and security experts of an increased risk from Chinese hackers.

A previous attack on UK government servers was blamed on hackers in China, while other governments have also named the country.

These include an attack on the Pentagon in September, one in France in the same month and daily internet attacks in Germany in October.

"This development is disturbing for governments, enterprises and individuals alike," said Yuval Ben-Itzhak, chief technology officer at Finjan.

"Signature-based technologies like antivirus and URL filtering are limited against this type of attack, as the number of vectors and sophisticated structure of the network of websites can bypass traditional information security technology."

Full details of the Finjan study will be revealed later this month.

Enjoyed this article? Help spread the word:

Comments

Reader comments for this story
Post your comment Post your comment   What is this?

Also read

Related articles

White papers

Related jobs

Most read

Most commented

Special Reports

Latest

Spotlight

Profile: Ian Powell, chairman of PwC

Being number one isn't enough for PwC chairman Ian Powell....

Credit crunch special: guiding business through the storm

The downturn is hurting and recession looms. Will accountants be...

Beat the credit crunch with Young Professional

Latest issue features a guide to advancement during economic uncertainty,...

Find your next job

Find your next job
Solve your clients debt problem with a ClearDebt IVA
Salary Checker

Newsletters

Sign up here for the very latest news delivered to your inbox. Choose from the following options:

Search white papers

Search white papers

Have your say

THE BIG QUESTION: SCRAPPING STAMP DUTY
Would rumoured Treasury moves to abolish stamp duty do anything to help the housing market?
Yes, scrapping stamp duty has been a long time coming
No, any move is far too little, too late

Job of the week

More finance jobs...

Your next job