China seen targeting banks, military in Forbes Web attack

Flash and Internet Explorer vulnerabilities were used in targeted attack, say security companies

A Chinese hacking group infiltrated the site in November and used it to launch targeted attacks against website visitors from US. banking and defense companies, according to a cybersecurity company.

The attack took place over a period of several days, starting Nov. 28, and took advantage of unpatched vulnerabilities in Adobe Flash and Microsoft Internet Explorer 9, according to ISight Partners. The vulnerability was kept quiet until Tuesday, when Microsoft issued a patch to plug the security hole in its web browser. Adobe had previously published a patch for Flash.

The attack used a Flash vulnerability and was launched from the "Thought of the day" Flash widget that appears when people first visit the financial magazine's site, said Invincea, a second cybersecurity company that independently detected the attack.

ISight said the attack has the fingerprints of a Chinese hacking group known by security researchers as either Codoso or Sunshop Group. It said technical indicators in the malware as well as use of the same undisclosed vulnerabilities as used in other hacks by Chinese groups led to this conclusion.

Among ISight's evidence: some of the malware code was written in simplified Chinese, used in mainland China, and it bore a resemblance to the "Derusbi" malware that is unique to Chinese hackers. The command system for the malware relied on an Internet domain previously used in Chinese hacks and pointed to web pages that had been used in Chinese attacks in the past.

The group has been active since at least 2010 and targets companies in the defense, finance and energy industries, governments, political dissidents and think tanks, said ISight.

The company said previous hacks by the group have included an attack on the website of the Norwegian Nobel Peace Prize committee in 2010, a spear-phishing attack against government users in 2011 and an attack on websites related to the Uyghur minority in China in 2013.

Martyn Williams covers mobile telecoms, Silicon Valley and general technology breaking news for The IDG News Service. Follow Martyn on Twitter at @martyn_williams. Martyn's e-mail address is

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags patchesintrusioniSight PartnerssecurityInvinciamalware

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Martyn Williams

IDG News Service
Show Comments

Most Popular Reviews

Latest News Articles


GGG Evaluation Team

Kathy Cassidy


First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni


For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell


The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi


The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott


My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?