octoberasian
2[H]4U
- Joined
- Oct 13, 2007
- Messages
- 4,082
Well, add this to list of things that can be used to hack into someone's network, especially that of an oil company: A Chinese menu that's possibly an image or PDF infected with a malware.
This is another "watering hole" attack to gain access to a network in which a similar attack was last used to get into Target's networks and POS machines just by someone using stolen HVAC login credentials.
It does make me wonder though:
Source: http://www.nytimes.com/2014/04/08/technology/the-spy-in-the-soda-machine.html?_r=0Unable to breach the computer network at a big oil company, hackers infected with malware the online menu of a Chinese restaurant that was popular with employees. When the workers browsed the menu, they inadvertently downloaded code that gave the attackers a foothold in the businesss vast computer network.
This is another "watering hole" attack to gain access to a network in which a similar attack was last used to get into Target's networks and POS machines just by someone using stolen HVAC login credentials.
It does make me wonder though:
- What large oil company was this?
- Don't these computers have anti-virus/anti-malware software? Or, aren't these computers usually isolated from the rest of the network?
- What Chinese restaurant website is infected now with this infected menu? And, how and where did these intrepid hackers find out what restaurant in the first place?