Bonum Certa Men Certa

Chinese Google 'Attack' Involves Microsoft Windows Flaws

China satellite image



Summary: It is not Google's fault but Microsoft's fault that China managed to compromise accounts not just of Google but of over 20 other companies, by Microsoft's own admission

YESTERDAY we mentioned Google's reaction to attacks from China, which are now confirmed to be targeting different companies. It was not something against Google as Google is one among several victims and some people doubt there will be an exit from the largest Internet market.



How would leaving the Chinese market actually prevent Chinese crackers from connecting to Google servers? It would not.

Hacking Risks Persist Even If Companies Withdraw From China



Google and other enterprises still face a bleak computer security landscape that makes their companies vulnerable to hackers, whether they do business in China or not, analysts say.


Perhaps the most interesting revelation, which was found buried deep inside reports, is the role of Windows in these attacks on Google. Check this one out for example: (the emphasis in red is ours)

More sources are now claiming the Chinese government is behind the recent cyberattacks against Google and 33 other Silicon Valley companies, reports security firm Verisign iDefense. The attacks, revealed yesterday via a posting on Google's official blog, were hacking attempts on the technology infrastructure of Google and other major corporations in sectors that included finance, technology, media and chemical, said Dave Girouard, president of Google Enterprise.

[...]

While July's attacks were detected early and were largely uneventful, December's attacks did find some success. In addition, these same sources claim that the files in both cases share similar characteristics. For example, both attacks used a backdoor Trojan in the form of a Windows DLL, and both share two similar hosts for the command-and-control (C&C) communication. In layman's terms, if the cyberattack was a ground assault during a war, the C&C would be the general barking out the orders. Also in both incidents, the IP addresses used for C&C are in the same subnet and only six addresses apart from each other. That means both attacks are likely to have been instigated by the same entity and may imply that the recent victims' technology infrastructure has been compromised since July.


When one in two Windows PCs is said to be a zombie PC, the above should not be surprising. This was a targeted attack which must have relied on China activists' use of Microsoft Windows.

As the name suggests, the carefully crafted assaults differ from the net-cast-wide malware most often seen. A targeted attack specifically selects its victim and generally sends an e-mail using that person's name and perhaps business title. The body of the message might reference an attached list of business contacts, or describe it as an invoice, or use any other hook that would allay suspicion and convince the victim to double-click the attachment.


Real activists do not use Windows and should use GNU/Linux. A few moments ago, our reader Jose added information that confirms the above. It's an AP article titled "Microsoft's browser flaw exposed Google to hackers" and it says (in the opening): "Microsoft says a security flaw in its Internet Explorer browser played a role in the recent computer attacks against Google and at least 20 other companies."

In other news, a bank server has just been compromised and Baidu got hit by the same group that exploited Windows botnets to take down Twitter [1, 2, 3, 4, 5, 6]. We mentioned this story here and there's more from The Register:

The same group that used a DNS attack to hijack Twitter last month has defaced the home page of Chinese search engine Baidu.

Surfers visiting Baidu site on Monday night were confronted by the message "This site has been hacked by Iranian Cyber Army", together with an image of the Iranian flag. Early speculation suggests the attack involved changing Baidu's DNS records rather than a direct attack on the site itself, but this remains unconfirmed.


Baidu -- unlike Google -- was not a victim of customers who use Windows. Google should tell customers that it's not Google that's vulnerable; it's Windows. Customers should therefore rethink their platform preferences. The same already goes for banks, for similar reasons.

Comments

Recent Techrights' Posts

No, Microsoft Didn't Lay Off So Many People Because of "AI" "Innovation" or "Efficiency" or "Era" or "Revolution" Etc.
Debunking one very common lie
What We Do When We Say "GNU/Linux" to People
It talks about "Linux", "GNU", and what it means to say "GNU/Linux"
Canonical Will Give You Money Only If You Work for Microsoft!
Only if you are servicing (being a slave to) proprietary forges that Microsoft and the NSA control while violating the GPL will Canonical give you money
There Are Also Loads of Microsoft LinkedIn Layoffs Today (Keep Track of the Subsidiaries They Keep Out of Headlines)
Perhaps lost in the smokescreen
There Are Bigger Rounds of Microsoft Layoffs Coming, a Cull of 10% Implemented in Waves (the "3%" Figure is Misleading, Face-Saving)
Last night we said they might do the layoffs in three or at least two waves
 
Links 14/05/2025: Fentanylware (TikTok) Harms Kids, Russia Refuses to Defuse
Links for the day
Gemini Links 15/05/2025: Poseur Nerds and Mennonites
Links for the day
VS Code Is Not FOSS, And Neither Is the Site "It's FOSS"
VS Code is proprietary spyware of Microsoft, yet this site keeps promoting it like it's FOSS
Links 14/05/2025: Facebook And Instagram Risk Nationwide Bans, Microsoft Subsidiaries Have Mass Layoffs Too
Links for the day
If Microsoft Staff That Strangles Woman Pays You to Write Lies, It Will Not End Well
The past couple of years were our most productive ever
Gemini Links 14/05/2025: "Writing My Story with Inspiration from Notable Lives" and People Start Shovelling Up LLM Slop Onto Geminispace,
Links for the day
Microsoft is Very Highly Stressed About Adoption of GNU/Linux at Windows' Expense (on Former "Vista 10" PCs)
What does this tell us?
Slopwatch: BetaNoise (BetaNews), LinuxSecurity, and Slopfarms Still Promoted by Google News
The primary goal is to demonstrate the problem persists
Links 14/05/2025: Google Agrees to $1.3 Billion Settlement After Spying, China Tariffs Don't Work
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, May 13, 2025
IRC logs for Tuesday, May 13, 2025
Gemini Links 13/05/2025: Apocalyptic Future and More
Links for the day
Unless a Third of All Microsoft Layoffs Worldwide Are in Redmond (Washington) Alone, Microsoft Has Just Lied to Everyone Via Jordan Novet in CNBC (i.e. the Usual Any Time There's Mass Layoffs and Novet Weighs in With False Numbers)
Maybe when Microsoft said 3% it meant ~6,000 or more in the US alone
McKinsey (McK) is Killing IBM, It's All About Killing This Goose, "National Sales Team 80% on PIP Now" (Preceding Layoffs Without Severance)
PIPs are not based on performance
Links 13/05/2025: Microsoft Breaks Windows Very Badly Again, Mass Layoffs Reported (But False Figures, It's a Lot Higher)
Links for the day
As Expected, Microsoft Uses Media Operative (Jordan Novet) to Downplay the Scale of Mass Layoffs
here we go
2025 Will be a Big Year For GNU/Linux on Desktops/Laptops
with an economy like this, people who don't live in rich countries won't turn to Apple
Signs of Trouble: Microsoft Job Openings for Jobs That Do Not Exist!
Keeping up appearances?
"Special Place in Hell" for Women Who Help Violent Microsofters From Another Continent Attack Local Women Who Did Nothing Wrong, They Just Got Bullied and Deserve Sympathy or Compensation
Nothing says "Brat" like men who attack women, right?
The Numbers Game: 50,000-60,000 Microsoft Workers Laid Off in 2.5 Years? And Debt Still Tripled Under Nadella.
under Nadella Microsoft's debt trebled
The Slow Death of Windows Will Mean the Inevitable Demise of Microsoft
Once people stop using Windows, it'll be hard for Microsoft to sell anything to them
Last Week's Public Talk by Richard Stallman Well Attended and Covered in Technical News Sites
and we're looking at about 60,000 Microsoft layoffs in 3 years
Gemini Links 13/05/2025: Shopping is an Exasperating Nightmare and Making Phones Minimal
Links for the day
23,000 More Microsoft Layoffs by the End of June If the Estimates Are Correct (In Addition to About 6,000 Layoffs So Far This Year)
There's no questions about many layoffs happening this month. It got leaked already. The only question is when (and also how many).
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, May 12, 2025
IRC logs for Monday, May 12, 2025
Major Microsoft Layoffs This Week (Discussed Online)
later we can expect a lot of spin, even misinformation
What Happened to the Open Source Initiative (OSI) Elections: Missed Deadline
they helped expose a number of other scandals
Links 12/05/2025: Measles Rising and Taliban Outlaws Chess in Afghanistan
Links for the day
Gemini Links 12/05/2025: Advice, Iorist Ethics, and Touchscreens
Links for the day
The Finances of GAFAM Aren't as They Seem
MICROSOFT FINANCIAL PYRAMID revisited
Links 12/05/2025: US Brain Drain and Reminder That "Microsoft's Lobbying Efforts Eclipsed Enron" (Fraud Coverup)
Links for the day
The Enshittification of Royal Mail (Post Office/Postal Services) Continues
Enshittification is a thing, not only in the digital realm
Red Hat's Owner is Called "America's Worst Tech Company" (IBM) and Microsoft's Liabilities Grow
Microsoft has about a quarter of a trillion (yes, trillion with a "T") in liabilities
If the Gossip is True, Today Microsoft Has "Large M1 Meetings" to Discuss Almost 30,000 More Microsoft Layoffs in 2025
the claim is that Microsoft is preparing to lay off 10% of its staff
Microsoft Has a Long and Proven History of Funding Meritless Lawsuits Against Rivals and Critics (It Always Backfires)
It also looks like the solicitor used by two Microsofters to SLAPP us is being urgently replaced
Links 12/05/2025: Gardens and Kitchens
Links for the day
Links 12/05/2025: Media Being Attacked (New Forms of Attack on the Press), Many Data Breaches
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, May 11, 2025
IRC logs for Sunday, May 11, 2025