Chinese hackers attacked web site with an malicious software (malware) that target only certain visitors, which include several US defense institutions and financial services, according to cyber security companies, iSIGHT. According to iSIGHT and Invincea, someone compromised this application for three days (November 28 until December 1, 2014) or more and redirected certain users to a secondary website where they were targeted by malware. They took advantage of a vulnerability in Adobe Flash that runs on the web site, exploiting zero-day vulnerabilities . Since then, security holes have been resolved.

Even if all site visitors were exposed to malware, the number of those infected is much lower, showing specialists.

“Based on our visibility, the campaign was only active on the website for a brief duration – lasting from November 28th through December 1st of 2014. It should be noted that our visibility is limited and there is a possibility of a longer duration of activity.”

“Although the website is one of the most heavily trafficked in the world, we believe the campaign to be highly targeted in nature. We do not believe this to be an operation intent on infecting millions of victims but cannot state with certainty true numbers”, iSIGHT reports.

iSIGHT has tracked Chinese cyber espionage operators Codoso Team since at least 2010. The group is known to target multiple industries including:

  • Defense
  • Finance
  • Energy
  • Government
  • Political Dissidents
  • Global Think Tanks