A team of Canadian researcher have uncovered a spy network dubbed GhostNet which has targeted high value targets to steal information, according to a Globe and Mail report.
In September of last year Greg Walton, a security advisor, was asked to determine whether somebody was trying to spy on the Dalai Lama's computer. He found a completely compromised computer system, infected with "malware" that allowed a mysterious outside entity to not only spy on the computer, but also extract data from it. He was even able to watch someone take a copy of a document detailing the negotiating positions of the Dalai Lama's envoy.
After collecting over 1.2 gigs of raw data he returned to Canada and provided the information to Nart Villeneuve for analysis. Soon Villeneuve and his team found four control servers, each one contained a list of the infected computers which reported back to the server, as well as code used to control the infected computers. "If the 1,295 infected computers in 103 different countries were the limbs, the four servers were the spine, and three of those servers were located in China."
An estimated 30% of the infected computers include such "high-value targets" as Indonesia's Ministry of Foreign Affairs and the Indian Embassy in Kuwait, as well as a dozen computers in Canada.
Their discovery has set government agencies around the world scrambling to figure out what sensitive files may have been compromised by the spy network, which even now continues to grow larger, its authors apparently undaunted by all the extra attention.
Read More
In September of last year Greg Walton, a security advisor, was asked to determine whether somebody was trying to spy on the Dalai Lama's computer. He found a completely compromised computer system, infected with "malware" that allowed a mysterious outside entity to not only spy on the computer, but also extract data from it. He was even able to watch someone take a copy of a document detailing the negotiating positions of the Dalai Lama's envoy.
After collecting over 1.2 gigs of raw data he returned to Canada and provided the information to Nart Villeneuve for analysis. Soon Villeneuve and his team found four control servers, each one contained a list of the infected computers which reported back to the server, as well as code used to control the infected computers. "If the 1,295 infected computers in 103 different countries were the limbs, the four servers were the spine, and three of those servers were located in China."
An estimated 30% of the infected computers include such "high-value targets" as Indonesia's Ministry of Foreign Affairs and the Indian Embassy in Kuwait, as well as a dozen computers in Canada.
Their discovery has set government agencies around the world scrambling to figure out what sensitive files may have been compromised by the spy network, which even now continues to grow larger, its authors apparently undaunted by all the extra attention.
Read More