Bonum Certa Men Certa
If Microsoft Loves Miguel and Novell, Then They Must be Good for GNU/Linux, Right? | IRC: #boycottnovell @ FreeNode: January 14th, 2010

Chinese Google 'Attack' Involves Microsoft Windows Flaws

China satellite image



Summary: It is not Google's fault but Microsoft's fault that China managed to compromise accounts not just of Google but of over 20 other companies, by Microsoft's own admission

YESTERDAY we mentioned Google's reaction to attacks from China, which are now confirmed to be targeting different companies. It was not something against Google as Google is one among several victims and some people doubt there will be an exit from the largest Internet market.



How would leaving the Chinese market actually prevent Chinese crackers from connecting to Google servers? It would not.

Hacking Risks Persist Even If Companies Withdraw From China



Google and other enterprises still face a bleak computer security landscape that makes their companies vulnerable to hackers, whether they do business in China or not, analysts say.


Perhaps the most interesting revelation, which was found buried deep inside reports, is the role of Windows in these attacks on Google. Check this one out for example: (the emphasis in red is ours)

More sources are now claiming the Chinese government is behind the recent cyberattacks against Google and 33 other Silicon Valley companies, reports security firm Verisign iDefense. The attacks, revealed yesterday via a posting on Google's official blog, were hacking attempts on the technology infrastructure of Google and other major corporations in sectors that included finance, technology, media and chemical, said Dave Girouard, president of Google Enterprise.

[...]

While July's attacks were detected early and were largely uneventful, December's attacks did find some success. In addition, these same sources claim that the files in both cases share similar characteristics. For example, both attacks used a backdoor Trojan in the form of a Windows DLL, and both share two similar hosts for the command-and-control (C&C) communication. In layman's terms, if the cyberattack was a ground assault during a war, the C&C would be the general barking out the orders. Also in both incidents, the IP addresses used for C&C are in the same subnet and only six addresses apart from each other. That means both attacks are likely to have been instigated by the same entity and may imply that the recent victims' technology infrastructure has been compromised since July.


When one in two Windows PCs is said to be a zombie PC, the above should not be surprising. This was a targeted attack which must have relied on China activists' use of Microsoft Windows.

As the name suggests, the carefully crafted assaults differ from the net-cast-wide malware most often seen. A targeted attack specifically selects its victim and generally sends an e-mail using that person's name and perhaps business title. The body of the message might reference an attached list of business contacts, or describe it as an invoice, or use any other hook that would allay suspicion and convince the victim to double-click the attachment.


Real activists do not use Windows and should use GNU/Linux. A few moments ago, our reader Jose added information that confirms the above. It's an AP article titled "Microsoft's browser flaw exposed Google to hackers" and it says (in the opening): "Microsoft says a security flaw in its Internet Explorer browser played a role in the recent computer attacks against Google and at least 20 other companies."

In other news, a bank server has just been compromised and Baidu got hit by the same group that exploited Windows botnets to take down Twitter [1, 2, 3, 4, 5, 6]. We mentioned this story here and there's more from The Register:

The same group that used a DNS attack to hijack Twitter last month has defaced the home page of Chinese search engine Baidu.

Surfers visiting Baidu site on Monday night were confronted by the message "This site has been hacked by Iranian Cyber Army", together with an image of the Iranian flag. Early speculation suggests the attack involved changing Baidu's DNS records rather than a direct attack on the site itself, but this remains unconfirmed.


Baidu -- unlike Google -- was not a victim of customers who use Windows. Google should tell customers that it's not Google that's vulnerable; it's Windows. Customers should therefore rethink their platform preferences. The same already goes for banks, for similar reasons.

Comments

If Microsoft Loves Miguel and Novell, Then They Must be Good for GNU/Linux, Right? | IRC: #boycottnovell @ FreeNode: January 14th, 2010

Recent Techrights' Posts

Links 04/05/2026: Energy Shortages Become More Visible, Germans Reject Military Service, Merz Says US 'Humiliated' Over Iran
Links for the day
KDE's Cornelius Schumacher Explains Why You Should be Slop-Free
Output is not measured by quantity of words
Links 03/05/2026: Insolvent US Bailing Out Google, Microsoft, Amazon, Nvidia, Oracle, OpenAI, and SpaceX
Links for the day
 
Links 04/05/2026: "DNC Covering Up Its 2024 Autopsy" and Rudy Giuliani in Critical Condition
Links for the day
Linux Kernel Tainted by Software Patents That Make Linux Worse and the 'Linux' Foundation is Compiling Bribes to Enable This (Promotion of Monopolies and Tolerance of Software Patenting)
Why you need to reboot when a serious bug is found in Linux? "Licencing"...
ChromeOS and GNU/Linux Exceed 5% in New Zealand
Can we expect New Zealand and Australia to divest from GAFAM?
The Real News is Botnets (e.g. Windows With Back Doors), Not Iran
Let's focus on the botnets [...] Microsoft's aim is the opposite of security
SLAPP Censorship - Part 66 Out of 200: Alex Graveley Did Illegal Things, Then Asserted Mentioning Those Illegal Things is Privacy Violation
Alex Graveley "has suffered damage and distress" when the public found out he told women to kill themselves
The Corrupt Lecture the Non-Corrupt - Part XII - Outsourcing Everything to Microsoft, Which is Illegal
Today's EPO isn't about technology or law
Melissa Chan on Why Press Freedom Matters to Everyone, Not Just Journalists
dispelling a myth
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, May 03, 2026
IRC logs for Sunday, May 03, 2026
Gemini Links 04/05/2026: Another Old Web Pillar Gone and Simple Lobsters Mirror for Gemini
Links for the day
SLAPP Censorship - Part 65 Out of 200: Graveley and Garrett Claims Are Word-by-Word Similar (They Also Collaborated All Along)
We'll keep it short today
IBM Has a Long and Rich History of Showing Chatbots Bear No Business Prospects (From Jeopardy to Watson Healthcare and McDonalds)
Watson Healthcare is already in the dustpan, so they are rebranding it again
Europe Decoupling is Bad News for GAFAM, Especially Bad to Microsoft
Countries want independence
India Needs to Recognise That the World Wide Web is Monoculture in India
In the US, a judge with Indian roots dealt with a case related to this; why won't India?
All-Time Lows for Windows Down Under
seeing the demise of Windows in Australia (historically a slow or low adopter of GNU/Linux) is good news
IBM's Kyndryl Accounting Fraud Explained and More Recently the Insiders Talk About Mass Layoffs
Judging by how the media totally ignored 800+ layoffs at IBM's Confluent and 400+ layoffs at Red Hat a few weeks ago don't expect to hear anything about Kyndryl layoffs
Links 03/05/2026: Water Shortages Crises and Slop Fakes "Are Coming for Your Bank Account" (Slop-Enabled Fraud)
Links for the day
All-Time Lows for Windows in Spain and Portugal
data which became publicly available less than 24 hours ago in statCounter
The Corrupt Lecture the Non-Corrupt - Part XI - EPO 'Products' to Cement Asian and American Monopolies
Only a fool would believe Lame Duck Campinos
Microsoft Windows Falls Below 9% in South Africa
As one can expect, GNU/Linux is measured as going up in France
Gemini Links 03/05/2026: The Black Side of the Web, LiveJournal, Chimarrão
Links for the day
A Month Since Mass Layoffs at Red Hat (400+ Engineers Laid Off), The Media Didn't Cover It
We are very concerned about the state of the media
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, May 02, 2026
IRC logs for Saturday, May 02, 2026
Gemini Links 02/05/2026: Strange Psychosis and TUIs
Links for the day
Links 02/05/2026: Microsoft Has Begun Rebranding Vista 11 as 'XBox' (Because the Console is Dying), Slop Rejected by Oscars
Links for the day
IBM's CEO 10 Years Ago in IBM-Sponsored Forbes: "For those willing to embrace [blockchains], the future will indeed be bright."
How well did this prediction materialise?
SLAPP Censorship - Part 64 Out of 200: Not Amused by Repeated Threats (to "Shut Down" My "Existence" While Mentioning My Wife Too)
it's about censorship
RightsCon Cancellation as a Data Point in a World Gone Astray
RightsCon should not even be controversial
The NHS is Under Attack by Anthropic and Microsoft (or Their Lemmings That Infect the NHS)
They are kidding themselves if they seriously believe Web-facing source code repositories are the real threat to patients
cPanel is Not Linux, cPanel is Proprietary Software
It's fair to say I've used cPanel for 23 years
Links 02/05/2026: Gen Z is Turning Against Slop and OpenAI/Microsoft Rift Explained
Links for the day
Storage and Memory Prices Are Rising Not Because of High Demand (Production Can Match Demand), It's Partly Because of Price-Fixing (Same as Food Price Increases)
Sophisticated robberies are still robberies
Thousands of Layoffs at IBM, So IBM Pays Mainstream Media to Claim That IBM is Hiring (Paid Lies)
This is a story about the media failing us, not just IBM failing as a company
A Look at DataStax Bluewashing (IBM and Layoffs)
IBM is a place that many people leave or get pushed out of
Gemini Links 02/05/2026: Leaving Session, Alhena 5.5.7, and Slop Failing Customers
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, May 01, 2026
IRC logs for Friday, May 01, 2026