Hackers turn China security report into Trojans

Summary: Hackers create malicious versions of a report released by Mandiant which linked cyberattacks to the Chinese army, but the IT security vendor says its system is not breached.

Hackers have embedded viruses into a security report which linked the Chinese army to cyberattacks on U.S. companies, infecting computers that download digital versions of the 60-page report. 

An e-mail with the malware-infected version of the Mandiant report attached. (Source: Symantec)

When downloaded, the tainted versions would allow hackers to remotely control infected computers after users attempted to read the report, which was released last week by U.S. IT security vendor Mandiant.

A blog post by Symantec said hackers used the report as "bait", embedding malware called Trojan.Pidief into fake reports which displayed a blank PDF document when opened. Unbeknownst to users, the tainted report would trigger exploit code for an Adobe Acrobat and Reader remote code execution vulnerability.

Symantec highlighted an e-mail in Japanese, purporting to be from someone in the media industry, which contained a PDF attachment of the fake Mandiant report.

In its report, Mandiant pointed to a 12-storey building in Shanghai, China, which it claimed was operated by a government-sponsored online espionage group. Known as APT1, the hacker group had targeted U.S. businesses and government organizations, the security vendor said, noting that the high number of APT1 IP addresses "betrays the true location and language of the operators".

The Chinese Ministry of Defence had refuted the claims and called out the report for lacking any technical basis to conclude that the source of the attacks was China.

Topics: Security, China

About

Eileen Yu began covering the IT industry when Asynchronous Transfer Mode was still hip and e-commerce was the new buzzword. Currently a freelance blogger and content specialist based in Singapore, she has over 15 years of industry experience with various publications including ZDNet, IDG, and Singapore Press Holdings. Eileen majored i...