Malaysian flight MH370 tragedy abused by Chinese hackers for Espionage attacks
This week, security researchers at FireEye revealed various ongoing spear phishing and malware attacks by some advanced persistent threat (APT) attackers.
According to the researchers, the Chinese hacking group called 'admin@338', which specializes in cyber espionage attacks, sent multiple MH370-themed spear phishing emails to government officials in Asia-Pacific, with an attachment referring to the missing Malaysian flight MH370.
The attachment file was actually merged with the Poison Ivy RAT (remote access tool) and WinHTTPHelper malware to hijack the computer systems of government officials.
The Chinese hacking group also initiated another attack against a US-based think tank on 14th March. A malicious attachment containing “Malaysian Airlines MH370 5m Video.exe” was dropped via spear phishing emails. The malicious attachment pretended to be a Flash video related to the missing plane, and the executable file carried a 'Flash' icon.