1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

China-based hackers used Microsoft's TechNet for attacks

Discussion in 'CSO' started by RSS, May 15, 2015.

  1. RSS

    RSS New Member Member

    Microsoft has taken steps to stop a China-based hacking group from using its TechNet website as part of its attack infrastructure, according to security vendor FireEye.

    The group, which FireEye calls APT (advanced persistent threat) 17, is well-known for attacks against defense contractors, law firms, U.S. government agencies and technology and mining companies.

    TechNet is highly trafficked website that has technical documentation for Microsoft products. It also has a large forum, where users can leave comments and ask questions.

    MORE ON CSO: How to spot a phishing email

    APT17 -- nicknamed DeputyDog -- created accounts on TechNet and then left comments on certain pages. Those comments contained the name of an encoded domain, which computers infected by the group's malware were instructed to contact.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page