Languagesx
English Deutsch
Subscribe
Home Sykipot Heralds New Chinese Cyber Threats

Sykipot Heralds New Chinese Cyber Threats

Security researchers from various companies have uncovered the latest cyber weapon, nicknamed Sykipot. It appears to try to grab documents from high level executives within a variety of target organizations, of which the vast majority have been defense related agencies working on unmanned combat drones. The origins of the attacks appear to be with a long-standing well-funded Chinese group that has been operating for several years.

The best explanation of what Sykipot is doing is from AlienVault here, although there is additional information from Symantec and Trend Micro as well. All agree that while the attacks aren’t super-sophisticated, they represent a real threat.

In the recent attack, when the malicious PDF is opened, the Sykipot malware is executed and the user is shown a copy of a clean PDF file before Skyipot is injected into iexplore.exe, outlook.exe and firefox.exe, if they are available on a Windows PC. The Adobe Reader vulnerability (which carries the reference number CVE-2011-2462) is just the latest in a long string of other exploits by the same authors that go back to 2007, including embedding malicious Javascript into PDFs and another Adobe zero-day vulnerability that was recently patched. (See below.) That is very scary indeed. Many of the researchers predict that this isn’t the last time we’ll see Sykipot come through looking for more information.

The AlienVault security blog post shows how this malware operates, and how they have tracked it back to a Chinese Web server vendor Netbox, and a series of Chinese ISPs and proxy servers, along with its command-and-control sites that are also in Chinese IP address spaces. Netbox allows developers to compile and deploy ASP apps into standalone .EXE files. Here is its map showing the redirection to Chinese source addresses:

AlienVault researchers state: “We shouldn’t jump to assumptions, but whoever is behind Sykipot is massively collecting information from targeted victims that cover dozens of industries. [While] it’s true that the piece of malware isn’t too sophisticated; it is related to at least six zero-day attacks that require skills and/or money. Anyway we have been seeing that ‘not too sophisticated malware’ works.” They conclude their blog post with this ominous bit: “Someone has said that cyberwar does not exist. Draw your own conclusions.”

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

tags

Related News

Logitech offers mouse and keyboard users free ChatGPT upgrade with AI Prompt Builder. A robotic hand with silver metallic fingers holds a black computer mouse on a red background. Text at the top of the image reads from left to right: "Recipes Instructions 0". Below that is a text box with the following options, top to bottom: "Rephrase", "Summarize", "Reply", "Create Email", "Brainstorm".
Logitech offers mouse and keyboard users free ChatGPT upgrade
Suswati Basu
Streets of Sakarya city during the Ottoman Empire
Medium bans AI-generated content from its paid Partner Program
Sophie Atkinson
How to tell if something is written by ChatGPT
How to tell if something is written by ChatGPT
James Jones
Elon Musk black and white side profile, on a dark blue background which features a large Tesla logo. wads of money rain down on the logo
Elon Musk to raise Tesla AI staff salaries to curb OpenAI poaching
Ali Rees
a conceptual image with a magnifying glass and large 'AI' letters to symbolize AI detectors.
5 best AI content detectors
James Jones

Most Popular Tech Stories

Latest News

AI-generated image of audio created to impersonate a school principal / Baltimore police arrest former high school sports director for framing principal using AI
AI

Baltimore school principal targeted in faked audio AI scam
Graeme Hanna8 hours

In Baltimore, Maryland a former high school sports director has been arrested for using artificial intelligence to impersonate a principal, making the public believe he had made racist and anti-semitic...

Popular TopicsArrow right.svg

AI
AI
AR / VR
AR / VR
Cryptocurrency
Cryptocurrency
Gaming
Gaming
Smartphone
Smartphone
Gambling
Gambling
Wearables
Wearables
Web
Web

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.