Skip to main content

Amnesty International UK Website Serves Malware Following Hack

Cyber criminals have successfully breached into Amnesty International's UK Website through backdoors using a malware, new reports confirmed.

Reports reveal that the malware that was used in the attack was actually a specially designed one that exploits a recently discovered vulnerability in Java.

According to Brian Krebs - a prominent security analyst, the affected website's home page has been infected with a code that draws malicious scripts from a compromised Brazilian automobile site.

Apparently, the compromised Brazilian site serves as the source of a malicious Java applet designed to target a particular well known Java vulnerability. The applet is capable of retrieving an executable file, labelled by the security firm Sophos as Trojan Spy-XR.

Trojan Spy XR basically happens to be malware first discovered earlier this year in the month of June.

"It appears likely that the exploit may be part of an ongoing campaign by Chinese hacking groups to extract information from dissident and human rights organizations," Krebs explained, according to TG Daily report.

"Of course, a subset of these activists are too smart to click on links in even well-worded spearphishing emails. But what if you compromised a website frequented by these activists? The context-specific damage potential is significant", he further added.