Hackers target Chinese supporters of the Dalai Lama, plant malware on Tibetan website

Graham Cluley

Dalai LamaIt probably doesn’t take a genius to work out who would have the greatest motive for spying on Chinese supporters of the Dalai Lama.

The Tibetan Government in Exile is no stranger to being on the receiving end of hacking and malware attacks, having been battered by a series of attacks assumed to have originated in China over the years.

In the latest incident, researchers at Kaspersky Lab have warned internet users to stay away from the Chinese-language version of the Central Tibetan Administration’s website, after discovering that it exploits a Java vulnerability to drop spyware onto visiting computers.

Hacked Tibetan website

This is what is known in computer security circles as a “watering hole attack”.

Hackers breach a website known to be visited by a particular group of targets, rather than directly launch an attack against the targets themselves. Eventually someone visits the “watering hole” and their computer ends up poisoned and compromised.

Once again, it’s important to stress how important it is to keep web servers, and the software running on them, up-to-date with security patches to lessen the chances of hackers being capable of embedding malicious code.

The hackers may not actually be that interested in stealing information from your website and its servers, but may be much keener to spy upon and exploit the computers which visit it.

Read more about this particular attack in this blog post by Kaspersky Lab researcher Kurt Baumgartner.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.
Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET UPDATES