Trojan horse
Researchers claim to have discovered a centralised group of Trojan activity based in China

China accused of Trojan onslaught

Trail leads back to China-based operations including a government website

Written by Matt Chapman

vnunet.com, 04 Dec 2007

China is to blame for a wave of Trojans infecting PCs around the world, according to a new study.

Web security firm Finjan claims to have uncovered groups distributing content using obfuscated code and a network of websites to bypass traditional security, including one site belonging to a Chinese government office.

Advertisement

Finjan's Malicious Code Research Center said that it discovered a centralised group of activity based in China after investigating a sophisticated attack that used zero-day exploits and other new hacking techniques.

The company's researchers found that some parts of the network led to Trojan sites that exploit browser vulnerabilities and install malware on the user's desktop.

"Once the user's PC has been infected the Trojan starts to send data to other websites in the network which are hard to detect," the report said.

"Additional sites in the network monitor and control the attack using statistics about how many users visit the site and how many got infected."

The Trojans also collect data from the user, including which operating system is used, the applications that are running, personal information such as user names and passwords, and the security products installed.

Finjan explained that the collected information is then fed into other sites which refine the attack.

The news comes as MI5 warned 300 UK chief executives and security experts of an increased risk from Chinese hackers.

A previous attack on UK government servers was blamed on hackers in China, while other governments have also named the country.

These include an attack on the Pentagon in September, one in France in the same month and daily internet attacks in Germany in October.

"This development is disturbing for governments, enterprises and individuals alike," said Yuval Ben-Itzhak, chief technology officer at Finjan.

"Signature-based technologies like antivirus and URL filtering are limited against this type of attack, as the number of vectors and sophisticated structure of the network of websites can bypass traditional information security technology."

Full details of the Finjan study will be revealed later this month.

Tags:

Comments

Have your say on this article

White papers

Related jobs

More Accounting jobs

Most read

Most commented

Special Reports

Latest

Spotlight

Top 30 Accounting Networks and Associations 2008

The race to become the biggest firm on the planet...

Barack Obama Accountancy Age cover October 2008

Obama: asset or liability?

What an Obama presidency could mean for you

Richard Jones, Cineworld FD

Profile: Richard Jones, FD of Cineworld

As FD of the UK’s second biggest cinema chain, Cineworld...

Find your next job

Find your next job
Salary Checker

Job of the week

More finance jobs

Newsletters

Sign up here for the very latest news delivered to your inbox. Choose from the following options:

Your next job

Have your say

THE BIG QUESTION: TAX CUTS
Will proposed tax cuts help to stimulate the economy?
Yes
No

Advertisement

Search white papers

Search white papers

Advertisement