Threatwatch

Dalai Lama’s site infected with spyware

Cyber espionage; Social engineering; Software vulnerability

Hackers have snuck malicious code into the website of the Central Tibetan Administration, a site belonging to the Dalai Lama’s government-in-exile, that can spy into the computers of site visitors.

The “watering hole” attack redirects only Chinese-speaking visitors to another site. There, the users are exposed to an exploit that takes advantage of a 2012 Java vulnerability in computer software.

The attack does not affect English-speaking or Tibetan visitors.

 “At this point in time, it seems that the few systems attacked with this code are located in China and the US, although there could be more,” Kurt Baumgartner, a security researcher at Kaspersky Lab, wrote in an analysis of the attack.

sector

Government (Foreign); Nonprofit

reported

August 12, 2013

reported by

Kaspersky Lab

number affected

Unknown

location of breach

Tibet

perpetrators

Unknown

location of perpetrators

Unknown

date breach occurred

Unknown

date breach detected

2013