Dalai Lama’s Chinese website hacked

Dalai Lama website.jpg

Boston: A prominent computer security firm warned that the Dalai Lama’s Chinese-language website has been hacked and is infecting visitors’ computers with viruses in what may to be an effort to spy on human rights activists who frequently visit the site.
Kaspersky Lab researcher Kurt Baumgartner told Reuters on Monday that he is advising web surfers to stay away from the Chinese-language site of the Central Tibetan Administration, or CTA, until the organisation fixes the bug.
Technical evidence suggests the group behind the campaign was also responsible for previous breaches on that site as well as attacks on groups that focus on human rights in Asia, Baumgartner said.
Those breaches involved a two-stage attack technique known as “water holing,” where hackers first infect a site that is frequently visited by people whose computers they want to control. That compromised site automatically seeks to infect the PCs of all visitors, downloading malicious software that the hackers can use to take control of their computers.
Officials with the Office of Tibet in New York could not be reached for comment. That office is the official representative to the United States for the Dalai Lama, Tibet’s 78-year-old exiled spiritual leader, who fled China to India in 1959 after an abortive uprising against Chinese rule.
Beijing considers the globe-trotting monk and author a violent separatist and Chinese state media routinely vilify him. The Dalai Lama, who is based in India, says he is merely seeking greater autonomy for his Himalayan homeland.
Baumgartner said that the Chinese-language site of the Central Tibetan Administration, which is the official organ of the Dali Lama’s government in exile, has been under constant attack from the same group of hackers since 2011, though breaches have been quietly identified and repaired before garnering significant attention.
“They have been trying repeatedly to find vulnerabilities in the site,” he said. He said that it is safe to visit the group’s English and Tibetan sites.
He said he believes the same group of attackers has repeatedly infected the site with malicious software that automatically drops viruses on computers running Microsoft Corp’s Windows and Apple Inc’s Mac operating systems.
They infect machines by exploiting security bugs in Oracle Corp’s Java software, he said. An Oracle spokesperson had no immediate comment.
That gives them 'back doors' into those computers. “This is the initial foothold. From there they can download arbitrary files and execute them on the system,” Baumgartner said.
Will Gragido, a researcher with the RSA security division of EMC Corp who is an expert on water holing, said the attack on the Tibetan site had the look of a type of campaign known as an “advanced persistent threat,” or APT.
In some cases APTs are launched through tainted emails. In others this is done through “water holes,” which are named after specific locations that lions stake out to attack their prey, rather than travelling the wild to hunt them out.
“The CTA is a site most people are not going to traverse,” Gragido said. “They are less likely to see my grandmother traversing that site than they are somebody with a vested interest in seeing what’s going on in Tibet.”
In March of last year, the cybersecurity firm AlienVault Labs reported that it identified cyber attacks on Tibetan organisations including CTA and the International Campaign for Tibet.
AlienVault said those attacks were engineered by a Chinese APT group also responsible for the “Nitro” attacks on dozens of companies identified by Symantec Corp in 2011. The report of the cyber attack is the latest to involve human rights groups in greater China.
Human rights groups and other NGOs focused on China were hit by denial of service attacks that disrupted their websites and several said their emails were infiltrated during a spate of cyber attacks attributed to China in 2010 and 2011.

Post new comment

<form action="/comment/reply/250225" accept-charset="UTF-8" method="post" id="comment-form"> <div><div class="form-item" id="edit-name-wrapper"> <label for="edit-name">Your name: <span class="form-required" title="This field is required.">*</span></label> <input type="text" maxlength="60" name="name" id="edit-name" size="30" value="Reader" class="form-text required" /> </div> <div class="form-item" id="edit-mail-wrapper"> <label for="edit-mail">E-Mail Address: <span class="form-required" title="This field is required.">*</span></label> <input type="text" maxlength="64" name="mail" id="edit-mail" size="30" value="" class="form-text required" /> <div class="description">The content of this field is kept private and will not be shown publicly.</div> </div> <div class="form-item" id="edit-comment-wrapper"> <label for="edit-comment">Comment: <span class="form-required" title="This field is required.">*</span></label> <textarea cols="60" rows="15" name="comment" id="edit-comment" class="form-textarea resizable required"></textarea> </div> <fieldset class=" collapsible collapsed"><legend>Input format</legend><div class="form-item" id="edit-format-1-wrapper"> <label class="option" for="edit-format-1"><input type="radio" id="edit-format-1" name="format" value="1" class="form-radio" /> Filtered HTML</label> <div class="description"><ul class="tips"><li>Web page addresses and e-mail addresses turn into links automatically.</li><li>Allowed HTML tags: &lt;a&gt; &lt;em&gt; &lt;strong&gt; &lt;cite&gt; &lt;code&gt; &lt;ul&gt; &lt;ol&gt; &lt;li&gt; &lt;dl&gt; &lt;dt&gt; &lt;dd&gt;</li><li>Lines and paragraphs break automatically.</li></ul></div> </div> <div class="form-item" id="edit-format-2-wrapper"> <label class="option" for="edit-format-2"><input type="radio" id="edit-format-2" name="format" value="2" checked="checked" class="form-radio" /> Full HTML</label> <div class="description"><ul class="tips"><li>Web page addresses and e-mail addresses turn into links automatically.</li><li>Lines and paragraphs break automatically.</li></ul></div> </div> </fieldset> <input type="hidden" name="form_build_id" id="form-ca5b6f68a30895ac64fb096e4d9fb89a" value="form-ca5b6f68a30895ac64fb096e4d9fb89a" /> <input type="hidden" name="form_id" id="edit-comment-form" value="comment_form" /> <fieldset class="captcha"><legend>CAPTCHA</legend><div class="description">This question is for testing whether you are a human visitor and to prevent automated spam submissions.</div><input type="hidden" name="captcha_sid" id="edit-captcha-sid" value="82337887" /> <input type="hidden" name="captcha_response" id="edit-captcha-response" value="NLPCaptcha" /> <div class="form-item"> <div id="nlpcaptcha_ajax_api_container"><script type="text/javascript"> var NLPOptions = {key:'c4823cf77a2526b0fba265e2af75c1b5'};</script><script type="text/javascript" src="http://call.nlpcaptcha.in/js/captcha.js" ></script></div> </div> </fieldset> <span class="btn-left"><span class="btn-right"><input type="submit" name="op" id="edit-submit" value="Save" class="form-submit" /></span></span> </div></form>

No Articles Found

No Articles Found

No Articles Found

I want to begin with a little story that was told to me by a leading executive at Aptech. He was exercising in a gym with a lot of younger people.

Shekhar Kapur’s Bandit Queen didn’t make the cut. Neither did Shaji Karun’s Piravi, which bagged 31 international awards.