Bonum Certa Men Certa

Chinese Google 'Attack' Involves Microsoft Windows Flaws

China satellite image



Summary: It is not Google's fault but Microsoft's fault that China managed to compromise accounts not just of Google but of over 20 other companies, by Microsoft's own admission

YESTERDAY we mentioned Google's reaction to attacks from China, which are now confirmed to be targeting different companies. It was not something against Google as Google is one among several victims and some people doubt there will be an exit from the largest Internet market.



How would leaving the Chinese market actually prevent Chinese crackers from connecting to Google servers? It would not.

Hacking Risks Persist Even If Companies Withdraw From China



Google and other enterprises still face a bleak computer security landscape that makes their companies vulnerable to hackers, whether they do business in China or not, analysts say.


Perhaps the most interesting revelation, which was found buried deep inside reports, is the role of Windows in these attacks on Google. Check this one out for example: (the emphasis in red is ours)

More sources are now claiming the Chinese government is behind the recent cyberattacks against Google and 33 other Silicon Valley companies, reports security firm Verisign iDefense. The attacks, revealed yesterday via a posting on Google's official blog, were hacking attempts on the technology infrastructure of Google and other major corporations in sectors that included finance, technology, media and chemical, said Dave Girouard, president of Google Enterprise.

[...]

While July's attacks were detected early and were largely uneventful, December's attacks did find some success. In addition, these same sources claim that the files in both cases share similar characteristics. For example, both attacks used a backdoor Trojan in the form of a Windows DLL, and both share two similar hosts for the command-and-control (C&C) communication. In layman's terms, if the cyberattack was a ground assault during a war, the C&C would be the general barking out the orders. Also in both incidents, the IP addresses used for C&C are in the same subnet and only six addresses apart from each other. That means both attacks are likely to have been instigated by the same entity and may imply that the recent victims' technology infrastructure has been compromised since July.


When one in two Windows PCs is said to be a zombie PC, the above should not be surprising. This was a targeted attack which must have relied on China activists' use of Microsoft Windows.

As the name suggests, the carefully crafted assaults differ from the net-cast-wide malware most often seen. A targeted attack specifically selects its victim and generally sends an e-mail using that person's name and perhaps business title. The body of the message might reference an attached list of business contacts, or describe it as an invoice, or use any other hook that would allay suspicion and convince the victim to double-click the attachment.


Real activists do not use Windows and should use GNU/Linux. A few moments ago, our reader Jose added information that confirms the above. It's an AP article titled "Microsoft's browser flaw exposed Google to hackers" and it says (in the opening): "Microsoft says a security flaw in its Internet Explorer browser played a role in the recent computer attacks against Google and at least 20 other companies."

In other news, a bank server has just been compromised and Baidu got hit by the same group that exploited Windows botnets to take down Twitter [1, 2, 3, 4, 5, 6]. We mentioned this story here and there's more from The Register:

The same group that used a DNS attack to hijack Twitter last month has defaced the home page of Chinese search engine Baidu.

Surfers visiting Baidu site on Monday night were confronted by the message "This site has been hacked by Iranian Cyber Army", together with an image of the Iranian flag. Early speculation suggests the attack involved changing Baidu's DNS records rather than a direct attack on the site itself, but this remains unconfirmed.


Baidu -- unlike Google -- was not a victim of customers who use Windows. Google should tell customers that it's not Google that's vulnerable; it's Windows. Customers should therefore rethink their platform preferences. The same already goes for banks, for similar reasons.

Comments

Recent Techrights' Posts

Links 28/06/2025: The Age of Integrity and FreeBSD Foundation Added John Baldwin as Board Member
Links for the day
Fedora 44
IBM now does to Fedora what it did to RHEL
Microsoft Already Shaved Off Costs Anywhere It Could. It Was Not Enough.
Office and Windows aren't "selling" (licences) like they used to
Scheduled Maintenance Next Week
Our community is alive and well
BetaNews: We're Publishing LLM Slop About LLM Slop
Beta version of a slopfarm?
3-Month Updates on Our Complaint to the Solicitors Regulation Authority (SRA)
In short, the complaint remains open, updated, and is advancing
IBM Red States Hat (Project 2025): Our "New Thing" Replaces This "Old Thing"
The new replaces the old. That's how IBM frames it.
Start X
Just because something is old does not mean it is bad
Slopwatch: Linuxsecurity, Google News Slopfarms, and Linux Journal (LJ)
Today we take a quick look at 3 slopfarms
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, June 27, 2025
IRC logs for Friday, June 27, 2025
Links 28/06/2025: "CC Signals" Virtue-Signals to Slop Ponzi Schemes, North Korea Aims for Tourism
Links for the day
Links 27/06/2025: International Tensions and Contentions Over Plagiarism Perfumed as "Hey Hi" and "Fair Use"
Links for the day
Gemini Links 27/06/2025: Poetry and Censorship by Social Control Media Centralisation
Links for the day
Links 27/06/2025: Journalists Under Fire and Microsoft Has Serious Slop Problems
Links for the day
X is Dying, But Not XServer/X11. Twitter X.com is Dying.
People or businesses or government officials (and departments) that still rely on Social Control Media are playing Russian Roulette with their future online
Wayland is About Less Choice, About Removing Choices, It's Not About Freedom
IBM insists that it cares about "diversity"
Keeping Things Accessible
Gemini Protocol seems to be growing
Escaping Colonialism (or 'Hegemony') Requires Abandoning GAFAM, Microsoft in Particular
Europe is already in the process of abandoning Microsoft
Microsoft Will Shut Down More Studios This Week, Its Media Operatives Will Tell Lies About the Magnitude of the Shutdowns and Layoffs (They Always Do)
Many people who get counted as "workforce" are "temps" or similar
Not Much Better Than LLM Slop: Linux Foundation-Funded 'News' Site Writes Linux Foundation 'News', Composed by Linux Foundation Operative, Quoting Linux Foundation Staff
...they get paid (sponsored) to produce this spam. Then they call it "journalism".
What Linux Foundation 'Research' is: Paid Marketing
What is Linux Foundation 'Research'?
Annual Southern California Linux Expo (SCALE 22x) 'Bought' by Microsoft and Microsoft Exceeded Sponsorship Limits by Giving Double the Maximum Permitted Amount
When people get bribed they tend to forget how to utter a simple word: "No."
No, IBM Does Not Care About People With Disabilities
"Aktion T4" did not seem to bother Watson
Microsoft's Financial Problems Mean Shutdowns, Not Just Mass Layoffs
If the original rumour is true, then expect almost 30,000 Microsoft workers to be let go this year
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, June 26, 2025
IRC logs for Thursday, June 26, 2025
The Netherlands: GNU/Linux Measured at All-Time High
Are any Dutch cities going to announce dumping Microsoft?
Gemini Links 27/06/2025: "Interstitial Existence" and Autocorrect
Links for the day
EPO Examiners Point Out to the Heads of Delegations in the Administrative Council of the EPO That the "AI Policy" of the Office is Illegal
"the Central Staff Committee (CSC) asks the Administrative Council to exert its supervisory role and instruct EPO management to enter into genuine dialogue with the staff representation on the AI Policy, to revise the “Leverage AI” target of 90% AI-automated classification in the SP2028 and to put in place the measures supported by staff in the resolution."
Technical People Need Technical Lawyers
Technical Litigants in Person (LIPs) have many real and concrete advantages
10,000+ Articles in About 20 Months (and How We Got Here)
More bloat does not beget efficiency and "bells and whistles" tend to have a hidden cost
French Cities Dumping Microsoft Because They Recognise Software Freedom, Open Standards, GNU/Linux Autonomy
We hope that more French cities - maybe Paris - will follow Lyon.
Links 26/06/2025: Illegal Kangaroo Court (UPC) Failing Scandinavia, K-Pop Agencies Abuse People
Links for the day
Gemini Links 26/06/2025: AuraGem Twitch Proxy is Back and UI Sluggishness
Links for the day
LWN is a Voice of GAFAM (Through Linux Foundation, Their Front Group or Occupying Force Inside Linux)
remember who the chief editor works for and who sponsors many of the articles
Links 26/06/2025: Noise Pollution Considered High in Europe, Mass Layoffs Next Week in Microsoft Confirmed, Very Large in Scale and Scope
Links for the day
The 'Case' of the Serial Strangler From Microsoft is a Lot of Copypasta (Maybe Also LLM Slop) From the Matthew Garrett 'Case'
5RB deserves to know and the matter shall be properly reported in due course (when the time is right)
EPO Squeezing the Staff - Part II - Office Breaks Rules, Ignores Courts, Defies Justice
False promises everywhere
No, I Don't Want Your Latest XYZ, ThankYouVeryMuch...
Wayland is finally ready?
China Keeps Breaking Into Microsoft Systems, So for True Sovereignty, Nations Wary of China Need to Dump Microsoft
Looking at data from Taiwan (not China) and Maharlika (not Philippines, the king is dead and Spain is out), there are encouraging signs
Linux Journal Wants Ads on Its LLM Slop or Ads as 'Articles'
it's basically another BetaNews
How to Kill a Monopoly
in 10 simple steps
IBM - Like Microsoft - is a Dying Company and Perishing Brand ("AI" is a Lie and Decoy)
"Arvind is cutting costs (layoffs, PIPs, forced RTO, etc...) like crazy. IBM offices are closing all over the place in the US."
"Code of Conduct" Invoked When Fedora and Red Hat Users (Since the 1990s) Don't Want to Use Wayland
That is IBM "DEI"
Mozambique: GNU/Linux Rose From 0.5% Last Year to 3% This Year
what (or how) statCounter is measuring
Microsoft Layoffs Next Week: About 10% to be Laid Off in Microsoft Gaming (2 Days Before Independence Day), About 20%+ of XBox Staff
Microsoft is rapidly collapsing
Next Month Marks 11 Years Since Our In-Depth EPO Coverage
The same is happening to Microsoft right now
Free Software Foundation (FSF) Campaigns Against Vista 11, Adds 4 New Associate Members Per Day
If more people understood the underlying principles, more of them would flock to Free software overnight
Canonical Seems to Have Culled Some Sources of LLM Slop From Planet Ubuntu
It's like "junk food", it's not information
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, June 25, 2025
IRC logs for Wednesday, June 25, 2025
On "Weak Claims"
For the record, they sent me unjustified threats, repeatedly tried injunctions (censorship)
EPO Squeezing the Staff - Part I - Burnout and Family Health
more exceptional circumstances
This Month's Mail (MX) Server Survey Shows Microsoft at 0.20% "Market Share"
We need to remind people that desktops and laptops decline (in proportion to other client devices) and at the "back end" GNU/Linux is already dominant and has long been dominant
Links 26/06/2025: Filespooler Guide and Learning to Code
Links for the day