Hackers target Chinese supporters of the Dalai Lama, plant malware on Tibetan website

Dalai LamaIt probably doesn’t take a genius to work out who would have the greatest motive for spying on Chinese supporters of the Dalai Lama.

The Tibetan Government in Exile is no stranger to being on the receiving end of hacking and malware attacks, having been battered by a series of attacks assumed to have originated in China over the years.

In the latest incident, researchers at Kaspersky Lab have warned internet users to stay away from the Chinese-language version of the Central Tibetan Administration’s website, after discovering that it exploits a Java vulnerability to drop spyware onto visiting computers.

Hacked Tibetan website

Sign up to our free newsletter.
Security news, advice, and tips.

This is what is known in computer security circles as a “watering hole attack”.

Hackers breach a website known to be visited by a particular group of targets, rather than directly launch an attack against the targets themselves. Eventually someone visits the “watering hole” and their computer ends up poisoned and compromised.

Once again, it’s important to stress how important it is to keep web servers, and the software running on them, up-to-date with security patches to lessen the chances of hackers being capable of embedding malicious code.

The hackers may not actually be that interested in stealing information from your website and its servers, but may be much keener to spy upon and exploit the computers which visit it.

Read more about this particular attack in this blog post by Kaspersky Lab researcher Kurt Baumgartner.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.