Christian de Looper, Tech Times

Forbes.com was hacked, reportedly by Chinese hackers, back in November, with the hackers using the website to infiltrate U.S. banking and defense companies.

The attack took place over a number of days and used vulnerabilities in Adobe Flash and Microsoft's Internet Explorer 9.

"The hackers tinkered with the Adobe Flash widget that delivers the Thought of the Day page that visitors to Forbes.com are taken to when they visit the site," said Forbes in a report. "The attackers did this to send specially-chosen visitors to a hacker-controlled site that would serve up an exploit against a zero-day vulnerability in Flash and, if it was needed, another flaw in Microsoft's Internet Explorer."

According to the report, Forbes discovered an altered file on its servers on Dec. 1, two days after the attack took place on Nov. 28. The file was subsequently reverted back to the way that it was supposed to be and Forbes launched an investigation into the hack. Those investigating the hack say that there have not been any hacks since late November launched from Forbes.

According to ISight, the attack has fingerprints from Chinese hackers on it, specifically a hacking group known by security researchers as Codoso or Sunshop Group. ISight also said that technical indications in the malware used took advantage of the same undisclosed vulnerabilities as used by other Chinese hacking groups.

Not only do the technical fingerprints point to Chinese hackers, but some of the code of the malware was also written in simplified Chinese.

The hacking group that ISight suggests are to blame has been active since 2010 and it targets defense, energy, finance, government and other companies. It has, in the past, hacked the likes of the Norwegian Nobel Peace prize committee.

Both the flaw in Flash and in Internet Explorer 9 has been patched. Adobe patched Flash's flaw on Dec. 9 and Microsoft finally released a patch for the flaw in Internet Explorer 9 as part of its "Patch Tuesday" release on Feb. 10.

"So here's what we know right now: The hackers used two zero-days to launch attacks on a specific subset of readers and there haven't been any reported cases of successful exploitation, though they could exist," continued the report. "The attackers have not been able to establish any foothold on Forbes' network. Chinese hackers appear to be the most likely suspects, but there's no definitive proof."

There's no word yet on exactly what kind of information the hackers may have stolen or accessed through the hack.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Tags: Forbes hackers Chinese Hackers Codoso Sunshop Group Malware
Join the Discussion

Related Article