Nart Villeneuve has published a detailed summary of recent malware attacks on media and human rights groups who work on Chinese issues. He highlights a disturbing new trend. On Wednesday, Amnesty Hong Kong’s website was repurposed by hackers to infect visitors with a wide variety of nasty malware. The Nobel Prize’s website was also defaced earlier this month, for the same ends.
As with the e-mailed Nobel invite malware CPJ described earlier this week, these attacks target one vulnerable member of the dissident community, then use that person’s own communications to infect others.
If you’re an organization whose audience in China is of interest to the authorities, please take extra care with the security of your website. As Villeneuve says, even if this spate of attacks ebbs, attacking online news sites to spread targeted spyware is a trend that is bound to continue.