Forbes.com infected by hackers in campaign to spy on visitors-researchers

Reuters News
|
Posted: Feb 10, 2015 1:06 PM

By Jim Finkle

BOSTON (Reuters) - The Forbes.com financial news site was infected by Chinese hackers with spying software that targeted specific visitors, including those at U.S. financial services and defense firms, according to two cybersecurity firms.

The hackers infected Forbes.com in November with software that automatically attacked visitors by exploiting security flaws in Microsoft Corp's Internet Explorer browser and Adobe Systems Inc's Flash software, cybersecurity firms iSight Partners Inc and Invincea Inc said on Tuesday.

The firms said they only had a limited view into the attacks based on customer data and other intelligence.

They said they only identified a few organizations in the defense and financial services sectors that were targeted and declined to identify them. They also said they did not know if the hackers had succeeding in stealing any data, though they believed other visitors to Forbes.com were affected.

Forbes.com is the most popular website known to be compromised as part of an espionage campaign, according to iSight researcher John Hultquist. Previous cyberattacks on popular websites have involved malware used by cyber criminals, not spies, he said.

(Reporting by Jim Finkle in Boston. Additional reporting by Jennifer Saba in New York.; Editing by Phil Berlowitz)