Dalai Lama’s site infected with spyware
Cyber espionage; Social engineering; Software vulnerability
Hackers have snuck malicious code into the website of the Central Tibetan Administration, a site belonging to the Dalai Lama’s government-in-exile, that can spy into the computers of site visitors.
The “watering hole” attack redirects only Chinese-speaking visitors to another site. There, the users are exposed to an exploit that takes advantage of a 2012 Java vulnerability in computer software.
The attack does not affect English-speaking or Tibetan visitors.
“At this point in time, it seems that the few systems attacked with this code are located in China and the US, although there could be more,” Kurt Baumgartner, a security researcher at Kaspersky Lab, wrote in an analysis of the attack.
Government (Foreign); Nonprofit
August 12, 2013
Link to report
location of breach
location of perpetrators
date breach occurred
date breach detected