Mainland China behind targeting Taiwanese politicians ahead of election

FireEye security researchers have found a new threat that is being called Advanced Persistent Threat  that is being linked to mainland china , targeting Taiwanese politicians and members of the media,  weeks before elections in Taiwan  . 

First attack were recorded on November 26, against members of Taiwan's Democratic Progressive Party (DPP) 

DDP, is  the main opposition party and was expected to easily win against the Kuomintang (KMT) party, which promotes more friendly policies with China . Members of DDP and pro media outlets were attacked .

According to the technical analysis done by FireEye, target were sent email email that were related to "DPP's Contact Information Update " as to lure them to  open the email thus leading to the download and installation of ELMER backdoor trojan. 

Vulnerabilities that have been used were : Microsoft Office (CVE - 2015-2545) and Windows (CVE-2015-2546) and third Windows local privilege escalation vulnerabilty (CVE-2015-1701).

This type of booby trapped Word documents was never encountered ."Chinese government would able to predict results , additional intelligence on polirics, activists and others who interact with journalists " confirmed Ryann Winters , of FireEye threat intelligence.

Share this with Your friends: