How Chinese State Cybercriminals Used Advertising Technology To Hack Millions Of Systems




A startling new report has revealed how Advanced Persistent Threat (APT) groups operating on behalf of the Chinese government used adware to target Windows and Android devices.

Decade of the RATs: Cross-Platform APT Espionage Attacks Targeting Linux, Windows and Android, released by BlackBerry, reveals how these Chinese hackers have managed to successfully target specific systems without detection since 2012.

The attacks particularly focussed on Linux servers, which run nearly all of the top 1 million websites online, 75 per cent of all web servers and 98 per cent of the world’s supercomputers.

The hackers used a number of different techniques to evade the many security systems that are in place, including adware, which is the software that generates online advertisements in a user interface.

By giving malware (malicious software that aims to damage or violate devices) adware code-signing certificates, these APT groups were able to increase the infection rates, as any red flags were simply dismissed as another blip in the constant stream of adware.

According to BlackBerry, this adware technology – which is used so widely in the online advertising ecosystem – offers a way for malicious actors to “hide in plain sight”.

“At first glance, using code-signing certificates belonging to adware developers seems completely counterproductive,” BlackBerry says in the report.

“Malware that may previously have gone undetected would now almost surely be immediately noticed. At least a handful of antivirus vendors would flag it, if only on the basis of the adware code-signing certificate.

“Why would an attacker, particularly one aligned with the interests of a nation state, want to do that?”

However, it seems that by giving malware the disguise of adware, these hackers managed to reduce their risk of detection.

“In our judgement, these threat actors would rather be found and then ignored than found and investigated, particularly on the Windows platform where so much of the antivirus attention is focused,” BlackBerry explains.

“Malware masquerading as adware stands a good chance of being overlooked or disregarded if it is detected, especially in busy corporate enterprise environments because they manage a “stack” of multiple security technologies, each with its own set of alerts.”

Network and host defenders are inundated each day with warnings of a potential breach.

BlackBerry suggests that these findings show the need for security operators to reassess how they determine “run-of-the-mill” nuisances versus malware that is potentially masquerading as adware.
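
One way a security team could encode that reassessment, as an added example that is not taken from the BlackBerry report or this article: an adware-labelled alert is deprioritised only when nothing else about it is unusual. The alert fields, behaviour names and sample records are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

# Behaviours that ad-display software has no reason to show (assumed list).
NON_ADWARE_BEHAVIORS = {"remote_shell", "credential_access", "keylogging"}

@dataclass
class Alert:
    host: str
    asset_role: str      # "workstation" or "server"
    verdict: str         # label assigned by the antivirus product
    verdict_basis: str   # "signer": flagged only for its certificate; "behavior"
    behaviors: set = field(default_factory=set)

def triage(alert):
    """Return (decision, reasons); decision is 'investigate' or 'low_priority'."""
    if alert.verdict != "adware":
        return "investigate", ["verdict is not adware"]
    reasons = []
    if alert.verdict_basis == "signer":
        reasons.append("adware label rests only on the code-signing certificate")
    if alert.asset_role == "server":
        reasons.append("adware is not expected on a server")
    odd = sorted(alert.behaviors & NON_ADWARE_BEHAVIORS)
    if odd:
        reasons.append("behaviour inconsistent with adware: " + ", ".join(odd))
    return ("investigate" if reasons else "low_priority"), reasons

# Constructed sample alerts, not real telemetry.
SAMPLE_ALERTS = [
    Alert("ws-014", "workstation", "adware", "behavior", {"browser_popup"}),
    Alert("ws-022", "workstation", "adware", "signer", {"remote_shell"}),
    Alert("srv-db1", "server", "adware", "signer"),
]

def triage_all(alerts):
    """Map each host to its triage decision."""
    return {a.host: triage(a)[0] for a in alerts}

if __name__ == "__main__":
    for a in SAMPLE_ALERTS:
        decision, reasons = triage(a)
        print(a.host, decision, "; ".join(reasons))
```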
