Google plans to submit a formal request to the Chinese government “in the coming days” for information about the hacking attacks launched from the country. The world’s most popular search engine said last week it was thinking of pulling out of China after a “sophisticated” attack on its network that resulted in theft of its intellectual property.
Sources said the attack, which targeted people who have access to certain parts of Google networks, may have come from Google China’s office. “We’re not commenting on rumour and speculation. This is an ongoing investigation, and we simply cannot comment on the details,” a Google spokeswoman said.
19/01/2010
Security analysts said the programme used in the Google attack was a modification of a trojan called Hydraq. A trojan is a programme that allows a hacker unauthorised access to a computer. Analysts said the sophistication in the attack was in knowing who to attack.
Sources also said some Google China employees were denied access to internal networks after 13 January while some staff were put on leave and others transferred to different offices in Google’s Asia Pacific operations. Google declined to comment.
Meanwhile, the code used by China-based hackers in cyber attacks against Google and at least 20 other companies has been published on the internet.
Code that exploits the yet-to-be-patched Microsoft Internet Explorer vulnerability has appeared on at least one website, according to researchers at security firm McAfee.
Microsoft published a blog post about the vulnerability after it was identified by McAfee researchers investigating the attacks.
The public release of the exploit code increases the possibility of widespread attacks using the IE vulnerability, said McAfee chief technology officer George Kurtz in a blog post.
“The now public computer code may help cybercriminals craft attacks that use the vulnerability to compromise Windows systems,” he said.
According to McAfee, the attack is especially deadly on older systems running Window XP and IE 6, although versions 7 and 8 are also vulnerable.
This is the largest and most sophisticated cyber attack in years targeted at specific corporations, said Kurtz.
“What really makes this a watershed moment in cybersecurity is the targeted and coordinated nature of the attack, with the main goal appearing to be to steal core intellectual property,” he said.