
Chinese Google 'Attack' Involves Microsoft Windows Flaws




Summary: It is not Google's fault but Microsoft's fault that China managed to compromise accounts not just of Google but of over 20 other companies, by Microsoft's own admission

YESTERDAY we mentioned Google's reaction to attacks from China, which are now confirmed to have targeted several different companies. The attacks were not aimed at Google specifically, as Google is one among several victims, and some people doubt there will be an exit from the largest Internet market.



How would leaving the Chinese market actually prevent Chinese crackers from connecting to Google servers? It would not.

Hacking Risks Persist Even If Companies Withdraw From China



Google and other enterprises still face a bleak computer security landscape that makes their companies vulnerable to hackers, whether they do business in China or not, analysts say.


Perhaps the most interesting revelation, which was found buried deep inside reports, is the role of Windows in these attacks on Google. Check this one out, for example (the emphasis in red is ours):

More sources are now claiming the Chinese government is behind the recent cyberattacks against Google and 33 other Silicon Valley companies, reports security firm Verisign iDefense. The attacks, revealed yesterday via a posting on Google's official blog, were hacking attempts on the technology infrastructure of Google and other major corporations in sectors that included finance, technology, media and chemical, said Dave Girouard, president of Google Enterprise.

[...]

While July's attacks were detected early and were largely uneventful, December's attacks did find some success. In addition, these same sources claim that the files in both cases share similar characteristics. For example, both attacks used a backdoor Trojan in the form of a Windows DLL, and both share two similar hosts for the command-and-control (C&C) communication. In layman's terms, if the cyberattack was a ground assault during a war, the C&C would be the general barking out the orders. Also in both incidents, the IP addresses used for C&C are in the same subnet and only six addresses apart from each other. That means both attacks are likely to have been instigated by the same entity and may imply that the recent victims' technology infrastructure has been compromised since July.
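
The kind of infrastructure-overlap check the report describes (shared C&C hosts, C&C addresses in one subnet a few addresses apart) can be run by a responder over the indicator sets of two incidents. The following is an added example, not code from the quoted report or from this site; the indicator values are constructed, and the /24 subnet size and the 16-address gap limit are assumptions.

```python
import ipaddress
from itertools import product

# Constructed indicator sets: RFC 5737 documentation addresses and
# .example hostnames, not values from the incidents described above.
JULY = {
    "hosts": {"update.c2-one.example", "mail.c2-two.example", "cdn.old.example"},
    "ips": {"203.0.113.20", "198.51.100.7"},
}
DECEMBER = {
    "hosts": {"update.c2-one.example", "mail.c2-two.example", "img.new.example"},
    "ips": {"203.0.113.26", "192.0.2.200"},
}


def near_neighbours(ips_a, ips_b, prefix=24, max_gap=16):
    """Pairs (ip_a, ip_b, subnet, gap) that sit in one subnet, at most max_gap apart."""
    hits = []
    for a, b in product(sorted(ips_a), sorted(ips_b)):
        addr_a, addr_b = ipaddress.ip_address(a), ipaddress.ip_address(b)
        if addr_a.version != addr_b.version or addr_a == addr_b:
            continue  # mixed families cannot share a subnet; exact matches are reported separately
        subnet = ipaddress.ip_network(f"{a}/{prefix}", strict=False)
        gap = abs(int(addr_a) - int(addr_b))
        if addr_b in subnet and gap <= max_gap:
            hits.append((a, b, str(subnet), gap))
    return hits


def correlate(incident_a, incident_b, prefix=24, max_gap=16):
    """Summarise infrastructure overlap between two incidents' C&C indicators."""
    return {
        "shared_hosts": sorted(incident_a["hosts"] & incident_b["hosts"]),
        "shared_ips": sorted(incident_a["ips"] & incident_b["ips"]),
        "neighbours": near_neighbours(incident_a["ips"], incident_b["ips"], prefix, max_gap),
    }


if __name__ == "__main__":
    for key, value in correlate(JULY, DECEMBER).items():
        print(key, value)
```

Adjacent addresses can also belong to unrelated customers of one hosting provider, so a neighbour hit is a lead to weigh alongside the shared hosts and file characteristics, not proof on its own.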


When one in two Windows PCs is said to be a zombie PC, the above should not be surprising. This was a targeted attack which must have relied on China activists' use of Microsoft Windows.

As the name suggests, the carefully crafted assaults differ from the net-cast-wide malware most often seen. A targeted attack specifically selects its victim and generally sends an e-mail using that person's name and perhaps business title. The body of the message might reference an attached list of business contacts, or describe it as an invoice, or use any other hook that would allay suspicion and convince the victim to double-click the attachment.


Real activists do not use Windows and should use GNU/Linux. A few moments ago, our reader Jose added information that confirms the above. It's an AP article titled "Microsoft's browser flaw exposed Google to hackers" and it says (in the opening): "Microsoft says a security flaw in its Internet Explorer browser played a role in the recent computer attacks against Google and at least 20 other companies."

In other news, a bank server has just been compromised and Baidu got hit by the same group that exploited Windows botnets to take down Twitter [1, 2, 3, 4, 5, 6]. We mentioned this story here and there's more from The Register:

The same group that used a DNS attack to hijack Twitter last month has defaced the home page of Chinese search engine Baidu.

Surfers visiting Baidu site on Monday night were confronted by the message "This site has been hacked by Iranian Cyber Army", together with an image of the Iranian flag. Early speculation suggests the attack involved changing Baidu's DNS records rather than a direct attack on the site itself, but this remains unconfirmed.


Baidu -- unlike Google -- was not a victim of customers who use Windows. Google should tell customers that it's not Google that's vulnerable; it's Windows. Customers should therefore rethink their platform preferences. The same already goes for banks, for similar reasons.
