Researchers reveal that Forbes.com was hacked in late November.
Chinese hackers infected Forbes.com with malware targeting specific visitors as part of an attack on the U.S. defense and financial industry, according to cybersecurity researchers at iSIGHT Partners and Invincea.
What happened? For three days late last year, the news site’s “Thought of the Day” — a quote and advertisement shown to visitors before they view the webpage — was compromised. This widget seamlessly redirected visitors from certain organizations to another site where their computers could be infected with malware without their knowledge. The researchers said they believe the malware was only used to infect a select group of targets, despite the broad audience of Forbes.com.
How did it happen? Researchers have linked similar malware controlled by the same server used in the Forbes attack to breaches of websites frequented by domestic Chinese dissident groups. According to reports, the hackers took advantage of an unpatched vulnerability in Adobe Flash, which is used by Forbes to present its “Thought of the Day.” An additional “0-day” exploit in Internet Explorer was leveraged to infect machines running newer versions of Windows.
When did it occur? It is believed the attack was active from November 28 to December 1, though a longer duration is possible.
What they’re saying: “On December 1, 2014, Forbes discovered that on November 28, 2014, a file had been modified on a system related to the Forbes web site. The file was immediately reverted and an investigation by Forbes into the incident began. Forbes took immediate actions to remediate the incident. The investigation has found no indication of additional or ongoing compromise nor any evidence of data exfiltration. No party has publicly claimed responsibility for this incident,” a recent statement read.
As the Washington Post notes, nearly every major news outlet, including the Washington Post and the New York Times, has reported being the victim of attacks suspected to be carried out by Chinese hackers. However, the latest Forbes attack highlights that security vulnerabilities at news outlets can also put readers at risk. This recent incident comes amid growing concerns that even the most trusted sites (and devices) can be used by hackers aiming to infiltrate sensitive industries. Thus, it is becoming increasingly clear that embedded system insecurity affects everyone and every company. With the number of breaches on the rise and no apparent end in sight, how can you ensure that your network is protected?