Security researchers warned on Tuesday that foreign policy and human rights websites are being booby-trapped by hackers in what appears to be cyber espionage.
As of Monday websites for Amnesty International Hong Kong, the Cambodian Ministry of Foreign Affairs and the US Center for Defense Information remained rigged to slip “hostile” code onto visitors’ computers, according to Shadowserver Foundation devoted to tracking and reporting Internet threats.
“These attackers are not spreading malware through strategically compromised websites to make friends,” Shadowserver researchers Steven Adair and Ned Moran warned in a blog post.
“They are aiming to expand their access and steal data.” Data sought included messages, intellectual property, research, and business intelligence such as contracts and negotiations, according to security specialists.
“The CDI website is serving up a malicious Flash exploit that ties back to attackers known to engage in cyber espionage,” the researchers said.