• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Home
  • Advertise With Us
  • Contact
  • Cookie Policy
    • Privacy statement (CA)
    • Cookie policy (CA)
    • Privacy statement (UK)
    • Cookie policy (UK)
    • Privacy statement (US)
    • Do Not Sell My Personal Information
    • Privacy statement (EU)
    • Cookie policy (EU)
    • Disclaimer

TechWalls

Technology News | Gadget Reviews | Tutorials

  • Reviews
  • Tech News
  • Tech Guide
  • Gadget & Apps

Advanced Persistent Threat uses Microsoft documents to target journalists, others

Updated on Apr 20, 2016 by Guest Authors

If you are a journalist or human rights worker, or simply a Tibetan, who resides in territories that were formerly colonies of China, you might have been going through some form of advanced persistent threats that are intended to harm your computers.

The attack takes advantage of a certain vulnerability in the Microsoft Rich Text File type of documents, though it is an old campaign that began to infect computers as early as 2009. Tibetan citizens and journalists based in Hong Kong and Taiwan were the primary targets of the threat, which compiles known flaws into a single attachment, according to security researchers at Arbor Networks who first detected the threat.

microsoft

There are many implications once a compromise arises because of the threat campaign. For instance, the attackers will try to exploit vulnerabilities in order to drop malware payloads onto computers. These malware tools include some of the most popular of their kind such as Gh0StRAT, Agent.XST, Grabber, Kivars, and PlugX.

The design and launch of the advanced persistent threat campaign are carried out in a careful and meticulous manner, according to the researchers. For instance, operators of the APT have mixed past malware tools that are the best of their kind into the modern threat campaign to hit their intended victims.

Because of the combination and updates made to the APT, fresh malware, techniques and spear phishing attacks have come out in the open that are used at present by the attackers exploiting this campaign. In fact, as late as January this year, human rights workers and activists from Tibet were hit by a phishing email campaign that was dressed up as a message coming from a human rights group, alleging that the US Congress has granted $6 million in funding for Tibetans in Nepal and India.

Once the email containing the phishing message is opened, the victim’s computer will be infected with the Grabber malware, which will then enable the system to download other malware like  remote access Trojans to give attackers the privilege into the computer and introduce more malicious code into the computer.

These exploits are nothing new in reality. But they appear to take advantage of current developments in the political and social spheres to lure users into believing in their false integrity, such as the existing conflict between Tibet and China. It seems as though those journalists and human rights activists are the primary targets because of the impact of their work on efforts to clamp down on the freedom of the citizens in communist societies.

Disclosure: As an Amazon Associate, I earn from qualifying purchases. The commission help keep the rest of my content free, so thank you!

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Footer

SwitchBot Lock Review – Perfect Smart Lock for Renters

BREEZOME JH03 vs JH04 Air Purifier – Which One Should You Buy?

SwitchBot Curtain Smart Electric Motor Review – The Upgraded Version

COLORWING M08F Portable Thermal Printer Review – Requiring No Ink, Toner, or Ribbon

Follow TechWalls

YoutubeFacebookTwitterInstagram

Recent Posts

  • Premiere of the Demo of “EVOLUTION”, Tencent’s First Native Cloud Game, Leading Us to Set Off to the Real World Together
  • VANKYO Leisure 495W and Leisure 470 Pro Projector – New Full-HD Projector Series
  • SwitchBot Lock Review – Perfect Smart Lock for Renters
  • BLUETTI Father’s Day Deals – Power Gears for the Best Dad in the World

Copyright © 2022 · All Rights Reserved