Financial news site Forbes - and as a result, some of its readers - fell victim to cyber attackers late last year. It’s possible that Chinese hackers are to blame although Forbes notes that there isn’t yet enough evidence to point fingers at this hour.
According to reports, hackers infiltrated Forbes.com on November 28 and modified a system file related to the website. Specifically, they injected code into the Adobe Flash widget responsible for displaying the Thought of the Day page that visitors are shown when they land on the site.
The hacked widget would send visitors to another website in which a zero-day vulnerability in Flash was exploited. If needed, Forbes said, another flaw in Microsoft’s Internet Explorer was also triggered. The exploits would install malware on victims’ computers in an apparent attempt to extract basic system information.
The publication notes that anyone running Windows XP or newer and using a browser other than Internet Explorer should have been safe.
News of the attack first surfaced via two cybersecurity firms, iSight Partners and Invincea, with Forbes itself later confirming the attack. The firms claim Chinese cyberespionage group Codoso Team, also known as Sunshop Group, is responsible for the attack.
Adobe patched the loophole on December 9 while Microsoft did the same in its software yesterday. Forbes said that upon discovery on December 1, they immediately replaced the impacted file and launched an investigation into the matter. Said investigation found no indication of an additional or ongoing attack.
iSight Partners senior partner Steve Ward said the attack was fairly brazen because Forbes is a destination that many people in a targeted organization (the financial industry) visit and view as a safe place.