1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

China-based hackers used Microsoft's TechNet for attacks

Discussion in 'Network World' started by RSS, May 14, 2015.

  1. RSS

    RSS New Member Member

    Microsoft has taken steps to stop a China-based hacking group from using its TechNet website as part of its attack infrastructure, according to security vendor FireEye.

    The group, which FireEye calls APT (advanced persistent threat) 17, is well-known for attacks against defense contractors, law firms, U.S. government agencies and technology and mining companies.

    TechNet is highly trafficked website that has technical documentation for Microsoft products. It also has a large forum, where users can leave comments and ask questions.

    APT17—nicknamed DeputyDog—created accounts on TechNet and then left comments on certain pages. Those comments contained the name of an encoded domain, which computers infected by the group’s malware were instructed to contact.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page