Hackers may be targeting non-government organizations with a series of backdoor attacks, a computer security firm warned this week.
Trend Micro said it has found evidence that Amnesty International (AI), whose UK website was attacked recently, is “not the only intended target for the attack.”
“Based on our investigation, it seems that the initially reported affected organization is just one of the targets in this attack and that the attack itself is fashioned specifically for the targets,” it said in a blog post.
It cited earlier reports the attack on AI’s website involved an iframe that redirected users to another compromised site in Brazil.
The site executed a malicious Java applet detected as JAVA_DLOAD.ZZC, which exploits vulnerability in Java.
According to Trene Micro, the attack drops BKDR_PPOINTER.SM, which connects to a certain URL to send and receive commands from the attacker.
“It is also capable of gathering certain information about the affected system,” Trend Micro said.
A separate blog post by security researcher Brian Krebs late December said AI’s homepage in the United Kingdom had served malware that exploits a recently-patched vulnerability in Java.
“Security experts say the attack appears to be part of a nefarious scheme to target human rights workers,” he said.