Forbes Website has been used to Hack readers
Users of Microsoft’s flagship Internet browser who visited Forbes.com on the four days following Thanksgiving were open to be hacked, two cybersecurity firms said Tuesday.
The companies, iSight Partners and Invincea, said hackers who appear to be linked to China had reprogrammed Forbes’ “Thought of the Day” widget to send malicious computer code to readers’ computers.
The site appears to have been compromised from Nov. 28 to Dec. 1, the firms said. They said they did not know how many Internet users may have been affected.
Forbes, which had not previously disclosed the incident, confirmed it Tuesday. In a statement, a spokeswoman said Forbes learned of the hack, and its duration, on Dec. 1. “Forbes took immediate actions to remediate the incident,” she said.
The episode could mark one of the most brazen incidents in which cyberspies put much of the Internet at risk to target a few individuals. Forbes.com is the 62nd most popular website in the U.S., and said it counted more than 31 million visitors in November. Microsoft’s Internet Explorer browser accounts for more than half the global market.
But analysts suspect the attackers were interested in select targets.
Invincea said it responded to a hacking incident at a defense contractor in late November, and traced the malware to employees visiting Forbes. Working with iSight, which has close ties to official Washington, the two firms also found evidence of malware from the Forbes site on computers in the American financial services sector.
The links to China are indirect. ISight says it has linked the Forbes hack to the malware and tactics used in a string of intrusions at defense contractors, a Hong Kong think tank and the Nobel Peace Prize website shortly after the award went to a Chinese dissident in 2010.
The Chinese embassy in Washington didn’t immediately respond to a request for comment.
Cybersecurity experts say the average Forbes reader wasn’t at risk.
“It’s not their M.O. to infect tens of millions of people,” said Stephen Ward, an iSight spokesman.
The cybersecurity firms said the hackers were able to get in by exploiting previously unknown holes in both Adobe Flash and Internet Explorer.
For investigators, that’s another clue. Hackers generally only use previously unknown software vulnerabilities on high value targets. The reason: Once a bug is exposed through an attack, software companies can patch it and it becomes much less useful.
Adobe patched the flaw in Flash in December. Microsoft released an Internet Explorer patch Tuesday.
Source : The wall street Journal