Freedom is slavery
As readers will doubtless already be aware, a major cyber attack in December originated in China and, according to Google, had the primary aim of accessing the Gmail accounts of Chinese civil rights activists.
This troublingly Orwellian development caused Google to "review the feasibility of our business operations in China" earlier this week, and made it decide to stop censoring search results on google.cn, which had been a precondition to Google being allowed to do business in China in the first place.
Now, security software maker McAfee has published the findings of its investigation into the attack, which targeted a number of other large companies too, which it's calling Aurora. McAfee revealed that Microsoft issued an advisory yesterday that "Internet Explorer was one of the vectors used" in the attack - specifically IE6.
McAfee goes on to say that the key to unlocking this vulnerability was probably targeted phishing types of attacks, enticing select targets to click on dodgy links. It confirms that IE6 has been the focus of the attacks and that the vulnerability even exists on Windows 7 PCs.
Aurora is a name McAfee has identified in some of the filepaths it has seen a couple of the malware binaries. It reckons Aurora was the internal codename the bad guys gave to this operation. The attack is considered representative of a new generation of stealthy, highly targeted attacks - called advanced persistent threats - that have redefined the malware environment.
